EUVD-2020-25232

Malware in sbrugna...

CVE-2024-42244

CVE-2024-42244 concerns the Linux kernel USB serial mos7840 driver. The vulnerability caused a crash on resume when multiple port read URBs were submitted after resume, due to the second URB’s context pointer remaining tied to the core instead of the mos7840 port. A dedicated suspend/resume imple...

CVE-2024-41035 USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...

Denial Of Service (DoS)

kernel-rt is vulnerable to Denial Of Service DoS. The vulnerability exists in the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices due to the multiple out-of-bounds reads and possible out-of-bounds writes, leading to an application crash...

RHEL 9 : kpatch-patch (RHSA-2023:0536)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0536 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

RHEL 8 : kpatch-patch (RHSA-2023:0499)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0499 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

RHEL 8 : kernel (RHSA-2023:0395)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0395 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: memory corruption in AX8817917...

AlmaLinux 8 : kernel-rt (ALSA-2023:0114)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0114 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

VMware Workstation 16.0.x < 16.2.5 Vulnerability (VMSA-2022-0033)

The version of VMware Workstation installed on the remote host is 16.0.x prior to 16.2.5. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable,...

VMware ESXi 7.0 / 8.0 Heap Out-of-bounds Write (VMSA-2022-0033)

VMware ESXi contain a heap out-of-bounds write vulnerability in the USB 2.0 controller EHCI. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. The exploitation is contained...

CVE-2022-31705

VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller EHCI. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESX...

CVE-2022-31705

CVE-2022-31705 is a heap out-of-bounds write in the USB 2.0 EHCI controller affecting VMware ESXi, Workstation, and Fusion. A local administrator within a guest VM can exploit this to execute code in the VMX process on the host; on ESXi the exploit is contained within the VMX sandbox, while on Wo...

CVE-2022-31705

VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller EHCI. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESX...

PT-2022-5844 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: A heap out-of-bounds write vulnerability in the USB 2.0 controller EHCI allows a malicious actor with local administrative privileges on a virtual machine to...

VMSA-2022-0033:VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability

Advisory ID: VMSA-2022-0033 CVSSv3 Range: 5.9-9.3 Issue Date:2022-12-13 Updated On: 2022-12-13 Initial Advisory CVEs: CVE-2022-31705 Synopsis: VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability CVE-2022-31705 RSS Feed Download PDF Download Text File Shar...

CVE-2022-2964

A flaw was found in the Linux kernel’s driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes...

SUSE: Security Advisory (SUSE-SU-2017:1301-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-15058

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

Cross site scripting

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

Authentication flaw

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...