6130 matches found
MediaTek 芯片安全漏洞
MediaTek chips are a variety of chips from MediaTek, a China-based company. A security vulnerability exists in the MediaTek chip vcu, which originates from improper locking and may result in memory corruption...
PT-2023-34795 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to an alloc iova overflows problem in the iommu/iova component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices
Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as...
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices
Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as...
Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram
The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against Ukraine, with recent attacks leveraging the popular messaging app Telegram to strike military and law enforcement sectors in the country. "The Gamaredon group's network infrastructure...
GPAC 输入验证错误漏洞
GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.2-rev0-gab012bbfb-master, which stems from the discovery of a contained integer overflow vulnerability via the QDecCoordOnUnitSphere function in bifs/unquantize.c...
PT-2023-33228 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations...
PT-2023-33133 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations:...
PT-2023-9440 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the iommu/arm-smmu-v3 component in the Linux kernel. It is caused by the driver calling iommu device unregister from the shutdown path, which removes the IOMMU...
Design/Logic Flaw
EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has misconfigured permissions...
CVE-2022-39186 EXFO - BV-10 Performance Endpoint Unit Misconfiguration
EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has misconfigured permissions...
CVE-2022-39185 EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user.
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user...
PT-2023-13709 · Exfo · Exfo Bv-10 Performance Endpoint Unit
Name of the Vulnerable Software and Affected Versions: EXFO - BV-10 Performance Endpoint Unit affected versions not specified Description: The issue concerns a misconfiguration in the EXFO - BV-10 Performance Endpoint Unit, specifically with the system configuration file having misconfigured...
PT-2023-13707 · Exfo · Exfo Bv-10 Performance Endpoint Unit
Name of the Vulnerable Software and Affected Versions: EXFO BV-10 Performance Endpoint Unit affected versions not specified Description: The issue allows a user to manually manipulate access, enabling an authentication bypass. This means that an individual can potentially gain unauthorized access...
PT-2023-13708 · Exfo · Exfo Bv-10 Performance Endpoint Unit
Name of the Vulnerable Software and Affected Versions: EXFO BV-10 Performance Endpoint Unit affected versions not specified Description: The issue concerns an undocumented hard-coded privileged user in the EXFO BV-10 Performance Endpoint Unit. This means that there is a user account with elevated...
CVE-2022-39186
CVE-2022-39186 affects EXFO BV-10 Performance Endpoint Unit. The root cause is a misconfigured permissions setting on the system configuration file, as reported by multiple sources (NVD, CNNVD). Potential impact includes high confidentiality exposure, with local attack vector and low attack compl...
CVE-2022-39184 EXFO - BV-10 Performance Endpoint Unit Authentication bypass
EXFO - BV-10 Performance Endpoint Unit authentication bypass User can manually manipulate access enabling authentication bypass...
CVE-2022-39184
CVE-2022-39184 affects EXFO BV-10 Performance Endpoint Unit. The vulnerability is an authentication bypass where a user can manually manipulate access to enable bypass. Documented impact is high ( Confidentiality/Integrity/Availability = High) with CVSS 3.1 base score 9.8. Connected sources confi...
CVE-2023-20531
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service...
CVE-2023-20530
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service...