Vulnerabilities

To inform, warn and help professionals with the latest security vulnerabilities in technology systems, we have made a database available to interested users. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database); under a partnership agreement, INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2024-0228

Publication date:
09/01/2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-0193.
Severity CVSS v4.0: Pending analysis
Last modification:
09/01/2024

CVE-2024-22164

Publication date:
09/01/2024
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.
Severity CVSS v4.0: Pending analysis
Last modification:
03/06/2025

CVE-2024-22165

Publication date:
09/01/2024
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted. The vulnerability requires an authenticated session and access to create an Investigation. It only affects the availability of the Investigations manager, but without the manager, the Investigations functionality becomes unusable for most users.
Severity CVSS v4.0: Pending analysis
Last modification:
10/04/2024

CVE-2023-6129

Publication date:
09/01/2024
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.
Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences.
The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions.
The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service.
The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.
Severity CVSS v4.0: Pending analysis
Last modification:
12/05/2026

CVE-2023-7222

Publication date:
09/01/2024
A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2023-7223

Publication date:
09/01/2024
A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249867. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2022-36763

Publication date:
09/01/2024
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2022-36764

Publication date:
09/01/2024
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2022-36765

Publication date:
09/01/2024
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger an integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2023-7221

Publication date:
09/01/2024
A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2024-0206

Publication date:
09/01/2024
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files.
Severity CVSS v4.0: Pending analysis
Last modification:
16/01/2024

CVE-2024-0213

Publication date:
09/01/2024
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly.
Severity CVSS v4.0: Pending analysis
Last modification:
12/01/2024