Aggregator

CVE-2023-32843 | MediaTek MT6990 NR15/NR16/NR17 5G Modem denial of service (MOLY01130204)

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in MediaTek MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989 and MT6990 NR15/NR16/NR17. Affected by this issue is some unknown functionality of the component 5G Modem. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-32843. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2023-32854 | MediaTek MT8798 Ril out-of-bounds write (ALPS08240132)

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in MediaTek MT6835, MT6879, MT6886, MT6895, MT6983, MT6985, MT8321, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797 and MT8798. It has been rated as critical. This issue affects some unknown processing of the component Ril. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2023-32854. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2023-32863 | MediaTek MT8781 Display DRM out-of-bounds (ALPS07326314)

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in MediaTek MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985 and MT8781 and classified as problematic. This issue affects some unknown processing of the component Display DRM. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2023-32863. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2023-42736 | Unisoc S8000 Telecom Service permission

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T760, T770, T820 and S8000 and classified as critical. Affected by this issue is some unknown functionality of the component Telecom Service. The manipulation leads to permission issues. This vulnerability is handled as CVE-2023-42736. Attacking locally is a requirement. There is no exploit available.
vuldb.com

CVE-2023-5953 | Welcart e-Commerce Plugin up to 2.9.4 on WordPress AJAX Action cross-site request forgery

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Welcart e-Commerce Plugin up to 2.9.4 on WordPress. Affected by this issue is some unknown functionality of the component AJAX Action Handler. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2023-5953. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-40076 | Google Android 14 CredentialManagerUi.java createPendingetent information disclosure

Vuldb Updates
10 months 2 weeks ago
A vulnerability has been found in Google Android 14 and classified as problematic. This vulnerability affects the function createPendingetent of the file CredentialManagerUi.java. The manipulation leads to information disclosure. This vulnerability was named CVE-2023-40076. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-21224 | Microsoft Windows up to Server 2025 Line Printer Daemon use after free

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Microsoft Windows up to Server 2025. It has been classified as critical. Affected is an unknown function of the component Line Printer Daemon. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21224. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Are Airport IT Teams Feeling the Heat of Summer Travel?

Netscout
10 months 2 weeks ago
Why is airport Wi-Fi so painfully slow? It’s a familiar complaint and a constant source of frustration. Whether they’re scanning, swiping, streaming, or checking in, travelers count on digital services to work flawlessly from curb to gate. As the summer travel season kicks into high gear, how can airport IT teams keep...
Anthony Cote

Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 2 weeks ago

A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting versions 1.13.0 through 2.1.0, centers on the deserialization of untrusted data during JDBC (Java Database Connectivity) verification processing. This vulnerability is classified as a secondary mining bypass for the previously reported CVE-2024-26579, indicating that earlier […]

The post Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

CVE-2022-34917 | Apache Kafka up to 2.8.1/3.0.1/3.1.1/3.2.2 Broker memory allocation

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Apache Kafka up to 2.8.1/3.0.1/3.1.1/3.2.2. It has been classified as problematic. Affected is an unknown function of the component Broker. The manipulation leads to uncontrolled memory allocation. This vulnerability is traded as CVE-2022-34917. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-40955 | Apache InLong up to 1.2.x MySQL JDBC connection URL deserialization

Vuldb Updates
10 months 2 weeks ago
A vulnerability classified as critical has been found in Apache InLong up to 1.2.x. Affected is an unknown function of the component MySQL JDBC connection URL Handler. The manipulation leads to deserialization. This vulnerability is traded as CVE-2022-40955. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad