90604 matches found
The vulnerability of the doSystemCmd (goform/formSetUSBPartitionUmount) function in the Tenda W20E router software allows a hacker to execute arbitrary commands.
The vulnerability of the doSystemCmd goform/formSetUSBPartitionUmount function in the Tenda W20E router microprogramming system is related to incorrect handling of code generation in memory when processing the usbPartitionName parameter. Exploiting this vulnerability allows an attacker to execute...
The vulnerability of the getMibPrefix function (goform/formWifiFilterRulesAdd) in the Tenda W20E router software allows a hacker to trigger a service failure.
The vulnerability of the getMibPrefix function goform/formWifiFilterRulesAdd in the Tenda W20E router microprogramming software is related to the operation going beyond the buffer in memory when processing the nptr parameter. Exploiting this vulnerability could allow a remote attacker to cause...
The vulnerability of the sub_B0488 function (goform/formSetIptv) in the microprogramming software for Tenda AC15 allows a hacker to execute arbitrary commands.
The vulnerability of the subB0488 function goform/formSetIptv in the microprogramming software for Tenda AC15 is related to incorrect handling of code generation in memory when processing the parameter s11. Exploiting this vulnerability can allow an attacker to execute arbitrary commands remotely...
The vulnerability of the getMibPrefix function (goform/formWifiFilterRulesModify) in the Tenda W20E router software allows a hacker to execute arbitrary commands.
The vulnerability of the getMibPrefix function in the microprogramming software for Tenda W20E routers stems from the operation that goes beyond the buffer in the parameter nptr’s memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the s390ReplaceAsce() function in the arch/s390/mm/gmap.c module of the S390 platform support module in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the s390ReplaceAsce function in the arch/s390/mm/gmap.c module of the Linux operating system’s S390 platform support module is related to improper cleaning or release of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the mem_dump_obj() function in the mm/util.c module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the memdumpobj function in the mm/util.c module of the Linux kernel’s memory management subsystem is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the mac_hid_toggle_emumouse() function in the drivers/macintosh/mac_hid.c file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the machidtoggleemumouse function in the drivers/macintosh/machid.c file of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...
The vulnerability of the mlx5e_ptp_open() function in the drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c driver for Mellanox Ethernet network adapters in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mlx5eptpopen function in the drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c driver for Mellanox Ethernet network adapters in the Linux operating system is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a service failur...
The vulnerability of the ena_com_comp_status_to_errno() function in the drivers/net/ethernet/amazon/ena/ena_com.c file of the Ethernet network adapter driver for the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the enacomcompstatustoerrno function in the drivers/net/ethernet/amazon/ena/enacom.c file of the Ethernet network adapter driver for the Linux operating system is related to integer overflow or cyclic shift vulnerabilities. Exploiting this vulnerability could allow an attacke...
The vulnerability of the sctp_sendmsg_to_asoc() function in the net/sctp/socket.c module of the Linux operating system’s SCTP protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sctpsendmsgtoasoc function in the net/sctp/socket.c module of the Linux operating system’s SCTP protocol implementation is related to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the `rtsxpci_sdmmc_drv_probe()` function in the `mmc/host/rtsxpci_sdmmc.c` driver for MMC/SD/SDIO cards in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the rtsxpcisdmmcdrvprobe function in the mmc/host/rtsxpcisdmmc.c driver for MMC/SD/SDIO cards in the Linux operating system is related to the lack of checking the return value. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the vub300_probe() function in the drivers/mmc/host/vub300.c file of the MMC/SD/SDIO card driver module in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the vub300probe function in the drivers/mmc/host/vub300.c file of the MMC/SD/SDIO card driver in the Linux operating system is related to the lack of checking the return value. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the radeon_acpi_vfct_bios() function in the drivers/gpu/drm/radeon/radeon_bios.c driver of the Direct Rendering Infrastructure (DRI) graphics card for Linux operating systems allows a hacker to cause a system failure.
The vulnerability of the radeonacpivfctbios function in the drivers/gpu/drm/radeon/radeonbios.c driver of the Direct Rendering Infrastructure DRI video card for Linux operating systems is related to improper memory release. Exploiting this vulnerability can allow an attacker to cause a system...
The vulnerability of the get_dvsec_vendor0() function in the drivers/misc/ocxl/config.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the getdvsecvendor0 function in the drivers/misc/ocxl/config.c file of the Linux kernel is related to errors during linkage updates. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the vkms_init() function in the drivers/gpu/drm/vkms/vkms_drv.c file of the Direct Rendering Infrastructure (DRI) driver module in the Linux operating system allows a malicious actor to cause a service failure.
The vulnerability of the vkmsinit function in the drivers/gpu/drm/vkms/vkmsdrv.c file, a driver for the Direct Rendering Infrastructure DRI of the Linux kernel, is related to the lack of checking for the return value. Exploiting this vulnerability could allow an attacker to cause a service failur...
The vulnerability of the recovery_request_write() function in the drivers/md/raid10.c module of the Linux operating system’s multi-device driver (RAID and LVM kernel), which allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the recoveryrequestwrite function in the drivers/md/raid10.c driver for multiple device-based systems RAID and LVM in the Linux kernel is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker t...
The vulnerability of the `arm64_mops_reset regs()` function in the `arch/arm64/include/asm/traps.h` file of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the arm64mopsreset regs function in the arch/arm64/include/asm/traps.h header of the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the PT NGFW network firewall, related to the lack of access control, allows a intruder to gain unauthorized access to MinIO backup copies.
The vulnerability of the PT NGFW network firewall is related to the lack of access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to MinIO’s backup copies...
The vulnerability of the vmxnet3_process_xdp() function in the drivers/net/vmxnet3/vmxnet3_xdp.c file of the Linux kernel network device driver allows a attacker to cause a service failure.
The vulnerability of the vmxnet3processxdp function in the drivers/net/vmxnet3/vmxnet3xdp.c file of the Linux kernel device driver framework is related to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the corporate messaging system Squadus, related to errors in verifying the cryptographic signature, allows attackers to gain access to user accounts.
The vulnerability of the corporate messaging system Squadus is related to errors in verifying the cryptographic signature. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to user accounts...
The vulnerability of the mechanism for destroying arrays containing objects of the PHP interpreter’s object model allows a attacker to bypass the protection provided by disable_functions and invoke operating system commands.
The vulnerability of the mechanism for destroying arrays containing objects of the PHP interpreter’s object model is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to bypass the disablefunctions protection mechanism and invoke operating syste...
The vulnerability of the sfb_reset() function in the net/sched/sch_sfb.c module of the network/sched subsystem of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sfbReset function in the net/sched/schsfb.c module of the Linux operating system’s network/scheduling subsystem is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the formWebTypeLibrary() function in the httpd component of the Tenda F453 microprogramming system allows a hacker to execute arbitrary code.
The vulnerability of the formWebTypeLibrary function in the httpd component of the Tenda F453 microprogramming system for routers is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the hsr_get_untagged_frame() function in the net/hsr/hsr_forward.c module, a Linux kernel networking function implementation, allows a hacker to cause a service failure.
The vulnerability of the hsrgetuntaggedframe function in the net/hsr/hsrforward.c module, which is part of the networking functions in the Linux kernel, relates to the dereferencing of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the gss_read_proxy_verf() function in the net/sunrpc/auth_gss/svcauth_gss.c module of the RPC protocol implementation in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the gssreadproxyverf function in the net/sunrpc/authgss/svcauthgss.c module of the RPC protocol implementation in the Linux operating system is related to improper memory release. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the ath9k_hif_usb_reg_in_cb() function in the drivers/net/wireless/ath/ath9k/hif_usb.c driver module of the Atheros/Qualcomm wireless communication adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ath9khifusbregincb function in the drivers/net/wireless/ath/ath9k/hifusb.c driver for Atheros/Qualcomm wireless communication adapters in the Linux operating system is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker t...
The vulnerability of the sk_stream_kill_queues() function in the net/core/stream.c module, which is part of the Linux kernel’s networking functions, allows a hacker to cause a service failure.
The vulnerability of the skstreamkillqueues function in the net/core/stream.c module of the Linux kernel’s networking functions is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the persistent_ram_vmap() function in the fs/pstore/ram_core.c module of the Linux kernel’s persistent storage support allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the persistentramvmap function in the fs/pstore/ramcore.c module, which supports the persistent storage of the Linux kernel, is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise t...
The vulnerability of the nfsaclsvc_encode_getaclres() function in the fs/nfsd/nfs2acl.c module, which is part of the Linux kernel’s Network File System support, allows a attacker to compromise the confidentiality and integrity of protected information.
The vulnerability of the nfsaclsvcencodegetaclres function in the fs/nfsd/nfs2acl.c module, which is part of the Linux kernel’s Network File System support, involves the exposure of confidential information. Exploiting this vulnerability could allow an attacker to compromise the confidentiality a...
The vulnerability of the tcp_add_backlog() function in the net/ipv4/tcp_ipv4.c module, which is part of the Linux operating system’s IPv4 protocol implementation, allows a hacker to cause a service failure.
The vulnerability of the tcpaddbacklog function in the net/ipv4/tcpipv4.c module, which is part of the Linux operating system’s IPv4 protocol implementation, involves integer overflow or cyclic shift vulnerabilities. Exploiting this vulnerability could allow a remote attacker to cause a service...
The vulnerability of the lpfcdebugfs_lockstat_write() function in the drivers/scsi/lpfc/lpfcdebugfs.c driver of the Linux SCSI device kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the lpfcdebugfslockstatwrite function in the drivers/scsi/lpfc/lpfcdebugfs.c driver for Linux SCSI devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
The vulnerability of the TextEditingConversion() function in the microprogramming software for Tenda AC15 allows a hacker to execute arbitrary code.
The vulnerability of the TextEditingConversion function in the Tenda AC15 router’s microprogramming software is related to the operation of writing data outside the buffer in memory when processing the wpapskcrypto24g parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the hidp_set_timer() function in the net/bluetooth/hidp/core.c module of the Linux kernel’s Bluetooth subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hidpsettimer function in the net/bluetooth/hidp/core.c module of the Linux kernel’s Bluetooth subsystem is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility...
The vulnerability of the BPF_CALL_2() function in the net/core/filter.c module allows a hacker to compromise the privacy, integrity, and accessibility of the protected information within the Linux operating system’s kernel network functions.
The vulnerability of the BPFCALL2 function in the net/core/filter.c module related to Linux’s kernel network functions involves unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
The vulnerability of the set_user_sq_size() function in the drivers/infiniband/hw/mlx4/qp.c module of the Linux operating system’s kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the setusersqsize function in the drivers/infiniband/hw/mlx4/qp.c module of the Linux operating system’s kernel driver is related to integer overflow or cyclic shift vulnerabilities. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the mptcp_worker() function in the net/mptcp/protocol.c module of the MPTCP protocol implementation in Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mptcpworker function in the net/mptcp/protocol.c module of the MPTCP protocol implementation in Linux’s kernel is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...
The vulnerability of the net_failover_select_queue() function in the drivers/net/net Failover.c module of the Linux kernel network device driver allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the net FailoverSelectQueue function in the drivers/net/net Failover.c module of the Linux kernel network device driver is related to incorrect calculation of the buffer size. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerability of the svc_defer() function in the net/sunrpc/svc_xprt.c module of the Linux operating system’s RPC protocol implementation allows a attacker to cause a service failure.
The vulnerability of the svcdefer function in the net/sunrpc/svcxprt.c module of the Linux operating system’s RPC protocol implementation is related to the repeated release of previously released memory. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the ath11k_peer_rx_frag_setup() function in the drivers/net/wireless/ath/ath11k/dp_rx.c file of the Atheros/Qualcomm wireless adapter driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ath11kpeerrxfragsetup function in the drivers/net/wireless/ath/ath11k/dprx.c file of the Atheros/Qualcomm wireless adapter driver in the Linux operating system is related to the failure to release resources after their useful life has ended. Exploiting this vulnerability...
The vulnerability of the ath9k_wmi_ctrl_rx() function in the drivers/net/wireless/ath/ath9k/wmi.c driver for Atheros/Qualcomm wireless communication adapters in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ath9kwmictrlrx function in the drivers/net/wireless/ath/ath9k/wmi.c driver for Atheros/Qualcomm wireless communication adapters in the Linux operating system is related to the access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the detect_stream_formats() function in the sound subsystem of the Linux operating system’s kernel, which allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the detectstreamformats function in the sound/firewire/dice/dice-extension.c module of the Linux kernel’s sound subsystem is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...
The vulnerability of the erofs_fc_fill_super() function in the fs/erofs/super.c file of the EROFS Enhanced ReadOnly File System kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the erofsfcfillsuper function in the fs/erofs/super.c file of the EROFS Enhanced ReadOnly File System kernel of the Linux operating system is related to a buffer overflow based on a stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
The vulnerability of the vxlan_xmit_one() function in the drivers/net/vxlan/vxlan_core.c file of the Linux kernel’s network device driver module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the vxlanxmitone function in the drivers/net/vxlan/vxlancore.c file of the Linux kernel’s network device driver is related to the use of the NULL pointer pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the rtl8187_rx_cb() function in the drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c file of the wireless adapter driver module developed by Realtek for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rtl8187rxcb function in the drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c file of the wireless adapter driver module developed by Realtek for the Linux operating system is related to improper cleanup or release of resources. Exploiting this vulnerability could allow ...
The vulnerability of the hnae_ae_register() function in the drivers/net/ethernet/hisilicon/hns/hnae.c module of the Ethernet network adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hnaeaeregister function in the drivers/net/ethernet/hisilicon/hns/hnae.c module of the Ethernet network adapter driver for the Linux operating system is related to the failure to release resources after their useful life has ended. Exploiting this vulnerability could allo...
The vulnerability of the lpuart_dma_shutdown() function in the drivers/tty/serial/fsl_lpuart.c file of the console TTY driver in the Linux kernel’s parallel port allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the lpuartdmashutdown function in the drivers/tty/serial/fsllpuart.c module of the console TTY driver in the Linux kernel’s serial port layer is related to improper termination or release of resources. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the `nvmeTraceBioComplete()` function in the Linux kernel module allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the nvmeTraceBioComplete function in the Linux kernel module is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the tcindex_set_parms() function in the net/sched/cls_tcindex.c module of the network/sched subsystem of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the tcindexsetparms function in the net/sched/clstcindex.c module of the network scheduling subsystem in the Linux operating system is related to improper memory release. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the `udp_tunnel_sock_release()` function in the `net/ipv4/udp_tunnel_core.c` module of the Linux operating system’s IPv4 protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the udptunnelsockrelease function in the net/ipv4/udptunnelcore.c module of the Linux kernel’s IPv4 implementation is related to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the hci_conn_add_sysfs() function in the net/bluetooth/hci_sysfs.c module of the Linux kernel’s Bluetooth subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hciconnaddsysfs function in the net/bluetooth/hcisysfs.c module of the Linux kernel’s Bluetooth subsystem is related to state management errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...