VU#782720: TCG TPM2.0 implementations vulnerable to memory corruption
Overview
Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference...
VU#572615: Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2
Overview
TP-Link router WR710N-V1-151022 running firmware published 2015-10-22 and Archer-C5-V2-160201 running firmware published 2016-02-01 are susceptible...
VU#986018: New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities
Overview
Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035 contain two...
VU#709991: Netatalk contains muliple error and memory managment vulnerabilities
Overview
There are six new vulnerabilities in the latest release of Netatalk (3.1.12) that could allow...
VU#434994: Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
Overview
Multiple Unified Extensible Firmware Interface (UEFI) implementations are vulnerable to code execution in System Management...
VU#794340: OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
Overview
Two buffer overflow vulnerabilities were discovered in OpenSSL versions 3.0.0 through 3.0.6. These vulnerabilities were...
VU#730793: Heimdal Kerbos vulnerable to remotely triggered NULL pointer dereference
Overview
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker...
VU#915563: Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
Overview
Microsoft Exchange 2019 Cumulative Update 23 and earlier versions are vulnerable to a server-side request...
VU#855201: L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
Overview
Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating...
VU#309662: Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
Overview
A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows...
VU#495801: muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
Overview
Versions 1.1.5 and earlier of the mu HTTP deamon (muhttpd) are vulnerable to path traversal...
VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations
Overview
SMA Technologies OpCon UNIX agent adds the same SSH key on every installation and subsequent...