- + VU#417980: Implementations of UDP-based application protocols are vulnerable to network loops—Overview A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthentic...
- + VU#417980: UDP-based, application-layer protocol implementations are vulnerable to network loops—Overview A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthentic...
- + VU#488902: CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions—Overview A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered...
- + VU#949046: Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks—Overview Kontrol and Elock locks are electronic locks that utilize firmware provided by Sciener. This firmware works in tandem with an app, called t...
- + VU#446598: GPU kernel implementations susceptible to memory leak—Overview General-purpose graphics processing unit (GPGPU) platforms from AMD, Apple, and Qualcomm fail to adequately isolate process memory, thereby...
- + VU#302671: SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies—Overview A vulnerability has been found in the way that SMTP servers and software handle the end-of-data sequences (essentially the end of a single ...
- + VU#132380: Vulnerabilities in EDK2 NetworkPkg IP stack implementation.—Overview Multiple vulnerabilities were discovered in the TCP/IP stack (NetworkPkg) of Tianocore EDKII, an open source implementation of Unified Exte...
- + VU#811862: Image files in UEFI can be abused to modify boot behavior—Overview Implementation of Unified Extensible Firmware Interface (UEFI) by Vendors provide a way to customize logo image displayed during the early ...
- + VU#347067: Multiple BGP implementations are vulnerable to improperly formatted BGP updates—Overview Multiple BGP implementations have been identified as vulnerable to specially crafted Path Attributes of a BGP UPDATE. Instead of ignoring i...
- + VU#304455: Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router—Overview An authentication bypass vulnerability exists in the N300 Wireless N VDSL2 Modem Router manufactured by Tenda. This vulnerability allows a ...
- + VU#757109: Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account—Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition...
- + VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process—Overview Parsec updater for Windows was prone to a local privilege escalation vulnerability, this vulnerability allowed a local user with Parsec acc...
- + VU#127587: Python Parsing Error Enabling Bypass CVE-2023-24329—Overview urllib.parse is a very basic and widely used basic URL parsing function in various applications. Description An issue in the urllib.par...
- + VU#947701: Freewill Solutions IFIS new trading web application vulnerable to unauthenticated remote code execution—Overview Freewill Solutions IFIS new trading web application version 20.01.01.04 is vulnerable to unauthenticated remote code execution. Successful ...
- + VU#813349: Software driver for D-Link Wi-Fi USB Adapter vulnerable to service path privilege escalation—Overview The software driver for D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB Adapter contains a unquoted service path privilege escalation vulnerability....
- + VU#653767: Perimeter81 macOS Application Multiple Vulnerabilities—Overview A command injection vulnerability can be used in the Perimeter81 macOS application to run arbitrary commands with administrative privileges...
- + VU#913565: Hard-coded credentials in Technicolor TG670 DSL gateway router—Overview The Technicolor TG670 DSL Gateway Router includes a hard-coded service account that allows for authentication over services on the WAN inte...
- + VU#782720: TCG TPM2.0 implementations vulnerable to memory corruption—Overview Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at...
- + VU#572615: Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2—Overview TP-Link router WR710N-V1-151022 running firmware published 2015-10-22 and Archer-C5-V2-160201 running firmware published 2016-02-01 are sus...
As of 3/28/24 12:03pm. Last new 3/20/24 5:56pm. Score: 394
- Next feed in category: US-CERT Technical Cyber Security Alerts