|
303521
|
7.5 |
HIGH
Network
|
balasys
siemens
suse
f5
hpe
stormshield
|
dheater
scalance_w1750d_firmware
linux_enterprise_server
big-iq_centralized_management
traffix_signaling_delivery_controller
big-ip_service_proxy
big-ip_access_policy_manager
big…
|
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exp…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2002-20001
|
2024-11-21 08:42 |
2021-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303522
|
- |
|
gehealthcare
|
entegra_p\&r
|
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics p…
|
CWE-255
Credentials Management
|
CVE-2001-1594
|
2024-11-21 08:38 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303523
|
- |
|
gnu
|
a2ps
|
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink atta…
|
CWE-59
Link Following
|
CVE-2001-1593
|
2024-11-21 08:38 |
2014-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303524
|
7.5 |
HIGH
Network
|
openssl
|
openssl
|
crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection…
|
CWE-310
Cryptographic Issues
|
CVE-2000-1254
|
2024-11-21 08:34 |
2016-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303525
|
- |
|
apache
|
jserv
|
The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensiti…
|
CWE-16
Configuration
|
CVE-2000-1247
|
2024-11-21 08:34 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303526
|
9.8 |
CRITICAL
Network
|
gnu
|
glibc
|
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dan…
|
CWE-252
Unchecked Return Value
|
CVE-1999-0199
|
2024-11-21 08:28 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303527
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/tdx: Fix data leak in mmio_read()
The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an
address from the VMM…
|
NVD-CWE-noinfo
|
CVE-2024-46794
|
2024-11-21 05:56 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303528
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration
[Why]
Coverity reports Memory - illegal accesses.
…
|
NVD-CWE-noinfo
|
CVE-2024-46812
|
2024-11-21 05:48 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303529
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix firmware crash due to invalid peer nss
Currently, if the access point receives an association
request containin…
|
NVD-CWE-noinfo
|
CVE-2024-46827
|
2024-11-21 05:40 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303530
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected i…
|
-
|
CVE-2024-52762
|
2024-11-21 05:35 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
