Inserito da Angelo Barbosa | Apr 1, 2024 | CVE
A vulnerability was found in Axigen and classified as problematic. Affected by this issue is some unknown functionality of the component WebMail. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-25080. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected...
Per saperne di piùInserito da Angelo Barbosa | Apr 1, 2024 | CVE
A vulnerability has been found in Linux Kernel up to 6.9-rc1 and classified as problematic. Affected by this vulnerability is the function auxiliary_device_add of the component ljca. The manipulation leads to double free. This vulnerability is known as CVE-2024-26653. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected...
Per saperne di piùInserito da Angelo Barbosa | Apr 1, 2024 | CVE
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.9-rc1. Affected is the function del_timer of the component ALSA. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-26654. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected...
Per saperne di piùInserito da Angelo Barbosa | Apr 1, 2024 | CVE
A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2024-3128. It is possible to launch the attack on the physical device. Furthermore, there is an exploit available. The vendor was contacted early and responded very quickly. He does not intend to maintain the app anymore and will revoke the availability in the Google Play Store. It is recommended to replace the affected component with an...
Per saperne di piùInserito da Angelo Barbosa | Apr 1, 2024 | CVE
A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. This vulnerability was named CVE-2024-3125. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any...
Per saperne di più