Aggregator

CVE-2022-4129 | Linux Kernel L2TP net/l2tp/l2tp_core.c sk_user_data null pointer dereference (FEDORA-2022-24041b1667 / Nessus ID 234965)

Vuldb Updates
4 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function sk_user_data of the file net/l2tp/l2tp_core.c of the component L2TP Handler. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-4129. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2022-49728 | Linux Kernel up to 5.18.5 net/ipv6/ip6_output.c integer overflow (Nessus ID 234975)

Vuldb Updates
4 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.18.5. This issue affects some unknown processing of the file net/ipv6/ip6_output.c. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2022-49728. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-29162 | runc up to 1.1.1 default permission (GHSA-f3fp-gc8g-vw66 / Nessus ID 234976)

Vuldb Updates
4 months 2 weeks ago
A vulnerability was found in runc up to 1.1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect default permissions. This vulnerability is known as CVE-2022-29162. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-49636 | Linux Kernel up to 5.18.12 include/linux/slab.h vlan_newlink memory leak (Nessus ID 234975)

Vuldb Updates
4 months 2 weeks ago
A vulnerability classified as critical has been found in Linux Kernel up to 5.18.12. Affected is the function vlan_newlink in the library include/linux/slab.h. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-49636. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-13401 | Docker Engine up to 19.03.10 IPv6 input validation (Nessus ID 234982)

Vuldb Updates
4 months 2 weeks ago
A vulnerability was found in Docker Engine up to 19.03.10 and classified as critical. This issue affects some unknown processing of the component IPv6 Handler. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2020-13401. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-3044 | Document Foundation LibreOffice up to 7.6.6/24.2.2 Graphic On-click Binding code injection (Nessus ID 234987)

Vuldb Updates
4 months 2 weeks ago
A vulnerability was found in Document Foundation LibreOffice up to 7.6.6/24.2.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Graphic On-click Binding. The manipulation leads to code injection. This vulnerability is handled as CVE-2024-3044. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

AirBorne flaws can lead to fully hijack Apple devices

Security Affairs
4 months 2 weeks ago
Vulnerabilities in Apple’s AirPlay protocol and SDK exposed Apple and third-party devices to attacks, including remote code execution. Oligo Security found serious flaws, collectively tracked as AirBorne, in Apple’s AirPlay protocol and SDK, affecting Apple and third-party devices. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and […]
Pierluigi Paganini

CVE-2025-4119 | Weitong Mall 1.0.0 Product Statistics /queryTotal isDelete access control

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. This vulnerability was named CVE-2025-4119. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-4118 | Weitong Mall 1.0.0 Product History /historyList isDelete access control

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-4118. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-4122 | Netgear JWNR2000v2 1.0.0.11 sub_435E04 host command injection

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection. This vulnerability is handled as CVE-2025-4122. The attack may be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Managed ad