2019-08-17
|
CVE-2019-15132
|
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.
|
Debian_linux, Zabbix
|
5.3
|
|
|
2022-09-16
|
CVE-2022-3176
|
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
|
Debian_linux, Linux_kernel
|
7.8
|
|
|
2022-05-12
|
CVE-2022-29885
|
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.
|
Tomcat, Debian_linux, Hospitality_cruise_shipboard_property_management_system
|
7.5
|
|
|
2022-08-10
|
CVE-2022-31778
|
Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.
|
Traffic_server, Debian_linux
|
7.5
|
|
|
2021-05-11
|
CVE-2020-24587
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
|
C\-100_firmware, C\-110_firmware, C\-120_firmware, C\-130_firmware, C\-200_firmware, C\-230_firmware, C\-235_firmware, C\-250_firmware, C\-260_firmware, C\-65_firmware, C\-75_firmware, O\-105_firmware, O\-90_firmware, W\-118_firmware, W\-68_firmware, 1100\-4p_firmware, 1100\-8p_firmware, 1100_firmware, 1101\-4p_firmware, 1109\-2p_firmware, 1109\-4p_firmware, Aironet_1532_firmware, Aironet_1542d_firmware, Aironet_1542i_firmware, Aironet_1552_firmware, Aironet_1552h_firmware, Aironet_1572_firmware, Aironet_1702_firmware, Aironet_1800_firmware, Aironet_1800i_firmware, Aironet_1810_firmware, Aironet_1810w_firmware, Aironet_1815_firmware, Aironet_1815i_firmware, Aironet_1832_firmware, Aironet_1842_firmware, Aironet_1852_firmware, Aironet_2702_firmware, Aironet_2800_firmware, Aironet_2800e_firmware, Aironet_2800i_firmware, Aironet_3702_firmware, Aironet_3800_firmware, Aironet_3800e_firmware, Aironet_3800i_firmware, Aironet_3800p_firmware, Aironet_4800_firmware, Aironet_ap803_firmware, Aironet_iw3702_firmware, Catalyst_9105_firmware, Catalyst_9105axi_firmware, Catalyst_9105axw_firmware, Catalyst_9115_ap_firmware, Catalyst_9115_firmware, Catalyst_9115axe_firmware, Catalyst_9115axi_firmware, Catalyst_9117_ap_firmware, Catalyst_9117_firmware, Catalyst_9117axi_firmware, Catalyst_9120_ap_firmware, Catalyst_9120_firmware, Catalyst_9120axe_firmware, Catalyst_9120axi_firmware, Catalyst_9120axp_firmware, Catalyst_9124_firmware, Catalyst_9124axd_firmware, Catalyst_9124axi_firmware, Catalyst_9130_ap_firmware, Catalyst_9130_firmware, Catalyst_9130axe_firmware, Catalyst_9130axi_firmware, Catalyst_iw6300_ac_firmware, Catalyst_iw6300_dc_firmware, Catalyst_iw6300_dcw_firmware, Catalyst_iw6300_firmware, Esw6300_firmware, Ip_phone_6861_firmware, Ip_phone_8821_firmware, Ip_phone_8832_firmware, Ip_phone_8861_firmware, Ip_phone_8865_firmware, Ir829\-2lte\-Ea\-Ak9_firmware, Ir829\-2lte\-Ea\-Bk9_firmware, Ir829\-2lte\-Ea\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Ck9_firmware, Ir829gw\-Lte\-Ga\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Sk9_firmware, Ir829gw\-Lte\-Ga\-Zk9_firmware, Ir829gw\-Lte\-Na\-Ak9_firmware, Ir829gw\-Lte\-Vz\-Ak9_firmware, Meraki_gr10_firmware, Meraki_gr60_firmware, Meraki_mr12_firmware, Meraki_mr20_firmware, Meraki_mr26_firmware, Meraki_mr30h_firmware, Meraki_mr32_firmware, Meraki_mr33_firmware, Meraki_mr34_firmware, Meraki_mr36_firmware, Meraki_mr42_firmware, Meraki_mr42e_firmware, Meraki_mr44_firmware, Meraki_mr45_firmware, Meraki_mr46_firmware, Meraki_mr46e_firmware, Meraki_mr52_firmware, Meraki_mr53_firmware, Meraki_mr53e_firmware, Meraki_mr55_firmware, Meraki_mr56_firmware, Meraki_mr62_firmware, Meraki_mr66_firmware, Meraki_mr70_firmware, Meraki_mr72_firmware, Meraki_mr74_firmware, Meraki_mr76_firmware, Meraki_mr84_firmware, Meraki_mr86_firmware, Meraki_mx64w_firmware, Meraki_mx65w_firmware, Meraki_mx67cw_firmware, Meraki_mx67w_firmware, Meraki_mx68cw_firmware, Meraki_mx68w_firmware, Meraki_z3_firmware, Meraki_z3c_firmware, Webex_board_55_firmware, Webex_board_55s_firmware, Webex_board_70_firmware, Webex_board_70s_firmware, Webex_board_85s_firmware, Webex_dx70_firmware, Webex_dx80_firmware, Webex_room_55_dual_firmware, Webex_room_55_firmware, Webex_room_70_dual_firmware, Webex_room_70_dual_g2_firmware, Webex_room_70_firmware, Webex_room_70_single_firmware, Webex_room_70_single_g2_firmware, Webex_room_kit_firmware, Webex_room_kit_mini_firmware, Debian_linux, Ieee_802\.11, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9560_firmware, Killer_ac_1550_firmware, Killer_wi\-Fi_6_ax1650_firmware, Killer_wi\-Fi_6e_ax1675_firmware, Proset_ac_3165_firmware, Proset_ac_3168_firmware, Proset_ac_8260_firmware, Proset_ac_8265_firmware, Proset_ac_9260_firmware, Proset_ac_9461_firmware, Proset_ac_9462_firmware, Proset_ac_9560_firmware, Proset_wi\-Fi_6_ax200_firmware, Proset_wi\-Fi_6_ax201_firmware, Proset_wi\-Fi_6e_ax210_firmware, Proset_wireless_7265_\(Rev_d\)_firmware, Wi\-Fi_6_ax200_firmware, Wi\-Fi_6_ax201_firmware, Linux_kernel, Mac80211
|
2.6
|
|
|
2021-05-11
|
CVE-2020-24586
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
|
C\-200_firmware, C\-230_firmware, C\-235_firmware, C\-250_firmware, C\-260_firmware, Debian_linux, Ieee_802\.11, Ac_1550_firmware, Ac_3165_firmware, Ac_3168_firmware, Ac_7265_firmware, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9461_firmware, Ac_9462_firmware, Ac_9560_firmware, Ax1650_firmware, Ax1675_firmware, Ax200_firmware, Ax201_firmware, Ax210_firmware, Linux_kernel, Mac80211
|
3.5
|
|
|
2021-05-11
|
CVE-2020-24588
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
|
C\-100_firmware, C\-110_firmware, C\-120_firmware, C\-130_firmware, C\-200_firmware, C\-230_firmware, C\-235_firmware, C\-250_firmware, C\-260_firmware, C\-65_firmware, C\-75_firmware, O\-105_firmware, O\-90_firmware, W\-118_firmware, W\-68_firmware, 1100\-4p_firmware, 1100\-8p_firmware, 1100_firmware, 1101\-4p_firmware, 1109\-2p_firmware, 1109\-4p_firmware, Aironet_1532_firmware, Aironet_1542d_firmware, Aironet_1542i_firmware, Aironet_1800_firmware, Aironet_1800i_firmware, Aironet_1810_firmware, Aironet_1810w_firmware, Aironet_1815_firmware, Aironet_1815i_firmware, Aironet_1832_firmware, Aironet_1842_firmware, Aironet_1852_firmware, Aironet_ap803_firmware, Aironet_iw3702_firmware, Catalyst_9105_firmware, Catalyst_9105axi_firmware, Catalyst_9105axw_firmware, Catalyst_9115_ap_firmware, Catalyst_9115_firmware, Catalyst_9115axe_firmware, Catalyst_9115axi_firmware, Catalyst_9117_ap_firmware, Catalyst_9117_firmware, Catalyst_9117axi_firmware, Catalyst_9120_ap_firmware, Catalyst_9120_firmware, Catalyst_9120axe_firmware, Catalyst_9120axi_firmware, Catalyst_9120axp_firmware, Catalyst_9124_firmware, Catalyst_9124axd_firmware, Catalyst_9124axi_firmware, Catalyst_9130_ap_firmware, Catalyst_9130_firmware, Catalyst_9130axe_firmware, Catalyst_9130axi_firmware, Ip_phone_6861_firmware, Ip_phone_8821_firmware, Ip_phone_8832_firmware, Ip_phone_8861_firmware, Ip_phone_8865_firmware, Ir829\-2lte\-Ea\-Ak9_firmware, Ir829\-2lte\-Ea\-Bk9_firmware, Ir829\-2lte\-Ea\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Ck9_firmware, Ir829gw\-Lte\-Ga\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Sk9_firmware, Ir829gw\-Lte\-Ga\-Zk9_firmware, Ir829gw\-Lte\-Na\-Ak9_firmware, Ir829gw\-Lte\-Vz\-Ak9_firmware, Meraki_gr10_firmware, Meraki_gr60_firmware, Meraki_mr12_firmware, Meraki_mr20_firmware, Meraki_mr26_firmware, Meraki_mr30h_firmware, Meraki_mr32_firmware, Meraki_mr33_firmware, Meraki_mr34_firmware, Meraki_mr36_firmware, Meraki_mr42_firmware, Meraki_mr42e_firmware, Meraki_mr44_firmware, Meraki_mr45_firmware, Meraki_mr46_firmware, Meraki_mr46e_firmware, Meraki_mr52_firmware, Meraki_mr53_firmware, Meraki_mr53e_firmware, Meraki_mr55_firmware, Meraki_mr56_firmware, Meraki_mr62_firmware, Meraki_mr66_firmware, Meraki_mr70_firmware, Meraki_mr72_firmware, Meraki_mr74_firmware, Meraki_mr76_firmware, Meraki_mr84_firmware, Meraki_mr86_firmware, Meraki_mx64w_firmware, Meraki_mx65w_firmware, Meraki_mx67cw_firmware, Meraki_mx67w_firmware, Meraki_mx68cw_firmware, Meraki_mx68w_firmware, Meraki_z3_firmware, Meraki_z3c_firmware, Webex_board_55_firmware, Webex_board_55s_firmware, Webex_board_70_firmware, Webex_board_70s_firmware, Webex_board_85s_firmware, Webex_dx70_firmware, Webex_dx80_firmware, Webex_room_55_dual_firmware, Webex_room_55_firmware, Webex_room_70_dual_firmware, Webex_room_70_dual_g2_firmware, Webex_room_70_firmware, Webex_room_70_single_firmware, Webex_room_70_single_g2_firmware, Webex_room_kit_firmware, Webex_room_kit_mini_firmware, Debian_linux, Ieee_802\.11, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9560_firmware, Killer_ac_1550_firmware, Killer_wi\-Fi_6_ax1650_firmware, Killer_wi\-Fi_6e_ax1675_firmware, Proset_ac_3165_firmware, Proset_ac_3168_firmware, Proset_ac_8260_firmware, Proset_ac_8265_firmware, Proset_ac_9260_firmware, Proset_ac_9461_firmware, Proset_ac_9462_firmware, Proset_ac_9560_firmware, Proset_wi\-Fi_6_ax200_firmware, Proset_wi\-Fi_6_ax201_firmware, Proset_wi\-Fi_6e_ax210_firmware, Proset_wireless_7265_\(Rev_d\)_firmware, Wi\-Fi_6_ax200_firmware, Wi\-Fi_6_ax201_firmware, Linux_kernel, Mac80211, Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Scalance_w1748\-1_firmware, Scalance_w1750d_firmware, Scalance_w1788\-1_firmware, Scalance_w1788\-2_firmware, Scalance_w1788\-2ia_firmware, Scalance_w721\-1_firmware, Scalance_w722\-1_firmware, Scalance_w734\-1_firmware, Scalance_w738\-1_firmware, Scalance_w748\-1_firmware, Scalance_w761\-1_firmware, Scalance_w774\-1_firmware, Scalance_w778\-1_firmware, Scalance_w786\-1_firmware, Scalance_w786\-2_firmware, Scalance_w786\-2ia_firmware, Scalance_w788\-1_firmware, Scalance_w788\-2_firmware, Scalance_wam763\-1_firmware, Scalance_wam766\-1_6ghz_firmware, Scalance_wam766\-1_firmware, Scalance_wum763\-1_firmware, Scalance_wum766\-1_6ghz_firmware, Scalance_wum766\-1_firmware
|
3.5
|
|
|
2019-01-13
|
CVE-2019-6245
|
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.
|
Agg, Debian_linux, Svgpp
|
8.8
|
|
|
2019-08-16
|
CVE-2016-10894
|
xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger).
|
Debian_linux, Xtrlock
|
4.6
|
|
|
2021-08-05
|
CVE-2021-3682
|
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.
|
Debian_linux, Qemu, Enterprise_linux
|
8.5
|
|
|