A vulnerability classified as problematic was found in Pengutronix Barebox up to 2021.07.0. This vulnerability affects the function memcmp
of the file crypto/digest.c of the component Digest Verification. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.
Pengutronix Barebox up to 2021.07.0 Digest Verification crypto/digest.c memcmp timing discrepancy
- Virtual Patching
- August 4, 2021
- 9:05 am
CVE-2024-7261 : ZYXEL NWA1123ACV3/WAC500/WAX655E/WBE530/USG LITE 60AX COOKIE HOST OS COMMAND INJECTION
Description The improper neutralization of special elements in the parameter “host” in the CGI program of Zyxel NWA1123ACv3 firmware version
CVE-2024-1621 : NT-WARE UNIFLOW ONLINE UP TO 2024.1.0 REGISTRATION VERIFICATION OF SOURCE
Description The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version 2024.1.0, can be compromised when
CVE-2024-45623 : D-LINK DAP-2310 1.16RC028 ATP BINARY STACK-BASED OVERFLOW
Description D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in