Aggregator

A vulnerability classified as critical has been found in MediaTek MT6739, MT6761, MT6762, MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T and MT8797. This affects an unknown part of the component ril. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-20795. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in MediaTek MT6879, MT6886, MT6895, MT6983, MT6985, MT8188, MT8195 and MT8673. Affected is an unknown function of the component Camera Middleware. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-20797. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in MediaTek MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395 and MT8673. It has been declared as critical. This vulnerability affects unknown code of the component Imgsys. The manipulation leads to memory corruption. This vulnerability was named CVE-2023-20803. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in MediaTek MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395 and MT8673. It has been rated as critical. This issue affects some unknown processing of the component Imgsys. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2023-20804. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in MediaTek MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395 and MT8673. This affects an unknown part of the component Imgsys. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-20805. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in MediaTek MT5583, MT5691, MT5695, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9030, MT9031, MT9032, MT9215, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9667, MT9669, MT9670, MT9671, MT9675, MT9685, MT9686 and MT9688 and classified as critical. This vulnerability affects unknown code of the component Vdec. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2023-20809. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983 and MT6985. It has been classified as critical. Affected is an unknown function of the component WLAN Service. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-20814. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983 and MT6985. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WLAN Service. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2023-20816. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983 and MT6985. This affects an unknown part of the component WLAN Service. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-20815. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

Four cybersecurity companies have been fined millions of dollars for lackluster disclosures followi

error code: 1106

Linux 6.12-rc4 内核合并了一个补丁，从 MAINTAINERS 文件中删除了部分条目。该补丁由稳定版内核维护者 Greg Kroah-Hartman 发送到 [email protected] 邮件列表，他解释是各种合规要求，被删除的维护者未来在提供了足够的文件之后可以回归。受影响的都是俄籍维护者，多数使用了 .ru 邮件域名，其中包括了 Acer Aspire 1 EC 驱动、Cirrus Logic CLPS711X ARM 架构、Baikal-T1 PVT 硬件监视器驱动、Libata PATA 驱动、libata SATA AHCI Synopsys DWC 控制器驱动、ASCOT2E 媒体驱动、MIPS Baikal-T1 平台驱动、NTB IDT 驱动、PPTP 驱动、Renesas R-Car SATA 驱动、Renesas Super-H 以太网驱动和 UFS 文件系统的维护者。Greg Kroah-Hartman 没有给出相关的合规政策。

名为Gophish 的开源网络钓鱼工具包正被攻击者用来制作DarkCrystal RAT和PowerRAT远程访问木马，目标针对俄国用户。

Democratic lawmakers are asking the Department of Justice to prosecute major tax preparation firms

2024年10月17日，由中国互联网协会举办的《中国互联网企业综合实力指数（2024）》发布会在厦门成功召开， […]

A vulnerability was found in Suricata 4.0.4. It has been classified as critical. This affects an unknown part of the file app-layer-ssh.c of the component SSH Banner Parser. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2018-10242. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Suricata 4.0.4. It has been rated as critical. This issue affects the function DecodeENIPPDU of the file app-layer-enip-commmon.c of the component EtherNet/IP PDU Parser. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2018-10244. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Suricata 5.0.0. This affects an unknown part of the component TCP Session Handler. The manipulation as part of TCP Timestamp leads to injection. This vulnerability is uniquely identified as CVE-2019-18625. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Suricata 5.0.0. This vulnerability affects unknown code of the component TCP Segment Handler. The manipulation leads to code injection. This vulnerability was named CVE-2019-18792. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.