Ricoh Company, Ltd. Security Vulnerabilities

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

Exploit for CVE-2024-30212

[![CVSS3][cvss3-shield]][cvss4-url]...

CVE-2022-4968

netplan leaks the private key of wireguard to local users. A security fix will be released...

CVE-2024-35634

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through...

CVE-2024-23911

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted...

CVE-2022-25739

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM...

CVE-2022-33211

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2022-33211 Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2022-33211 Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2022-33288 Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection...

CVE-2022-33278 Buffer copy without checking the size of input in HLOS

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...

CVE-2022-25728

Information disclosure in modem due to buffer over-read while processing response from DNS...

CVE-2022-33279

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame...

CVE-2022-25732 Buffer Over-read in MODEM

Information disclosure in modem due to buffer over read in dns client due to missing length...

OpenCart Cross-Site Request Forgery (CSRF)

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to...

OpenCart Cross-Site Request Forgery (CSRF)

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to...

CVE-2024-35629

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through...

US bans Kaspersky, warns: “Immediately stop using that software”

The US government will ban the sale of Kaspersky antivirus products to new customers in the United States starting July 20, with a follow-on deadline to prohibit the cybersecurity company from providing users with software updates after September 29. The move follows years of allegations that the.....

CVE-2023-23990

Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through...

CVE-2023-24203

Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query...

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec...

CVE-2023-21653

Transient DOS in Modem while processing RRC reconfiguration...

CVE-2023-21658 Buffer Over-Read in WLAN Firmware

Transient DOS in WLAN Firmware while processing the received beacon or probe response...

CVE-2022-33246 Use of out-of-range pointer offset in Audio

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session...

CVE-2022-34145 Buffer over-read in WLAN Host

Transient DOS due to buffer over-read in WLAN Host while parsing frame...

CVE-2022-40538 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from...

CVE-2022-40536 Improper authentication in Modem

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from...

CVE-2022-25730 Buffer Over-read in MODEM

Information disclosure in modem due to improper check of IP type while processing DNS server...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into...

CVE-2023-28555 Buffer Over-read in Audio

Transient DOS in Audio while remapping channel buffer in media codec...

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...

CVE-2023-24843 Reachable Assertion in Modem

Transient DOS in Modem while triggering a camping on an 5G...

CVE-2023-21635 Buffer Copy without Checking Size of Input in Data Network Stack & Connectivity

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on...

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information...

CVE-2022-33244 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem during MIB reception and SIB...

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1...

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame...

CVE-2022-34145 Buffer over-read in WLAN Host

Transient DOS due to buffer over-read in WLAN Host while parsing frame...

CVE-2022-40502 Improper input validation in WLAN Host

Transient DOS due to improper input validation in WLAN...

CVE-2022-40533 Untrusted Pointer Dereference in Core

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI...

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by...

CVE-2022-40527 Reachable Assertion in WLAN Embedded SW

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by...

CVE-2022-40536 Improper authentication in Modem

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from...

CVE-2023-24203

Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query...

CVE-2023-33019 Improper Authorization in WLAN Host

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...

CVE-2023-24843

Transient DOS in Modem while triggering a camping on an 5G...

CVE-2023-21635

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on...

CVE-2023-21660 Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing FT Information...

CVE-2023-21646 Reachable Assertion in Modem

Transient DOS in Modem while processing invalid System Information Block...