Huawei Mate 8; Huawei P9; Huawei P9 Plus Security Vulnerabilities

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21094 DESCRIPTION: **An unspecified vulnerability in Java SE related...

Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific...

CVE-2021-3571 affecting package linuxptp 2.0-8

CVE-2021-3571 affecting package linuxptp 2.0-8. This CVE either no longer is or was never...

CVE-2019-20633 affecting package patch 2.7.6-8

CVE-2019-20633 affecting package patch 2.7.6-8. No patch is available...

CVE-2023-22609 affecting package binutils 2.37-8

CVE-2023-22609 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2023-22604 affecting package binutils 2.37-8

CVE-2023-22604 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2023-22607 affecting package binutils 2.37-8

CVE-2023-22607 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2023-22606 affecting package binutils 2.37-8

CVE-2023-22606 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2022-41725 affecting package gcc 11.2.0-8

CVE-2022-41725 affecting package gcc 11.2.0-8. This CVE either no longer is or was never...

CVE-2022-2990 affecting package buildah 1.18.0-8

CVE-2022-2990 affecting package buildah 1.18.0-8. This CVE either no longer is or was never...

CVE-2022-41724 affecting package gcc 11.2.0-8

CVE-2022-41724 affecting package gcc 11.2.0-8. This CVE either no longer is or was never...

CVE-2023-22605 affecting package binutils 2.37-8

CVE-2023-22605 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2023-22603 affecting package binutils 2.37-8

CVE-2023-22603 affecting package binutils 2.37-8. This CVE either no longer is or was never...

CVE-2020-25657 affecting package m2crypto 0.35.2-8

CVE-2020-25657 affecting package m2crypto 0.35.2-8. No patch is available...

CVE-2020-8563 affecting package kubernetes-1.18.14 1.18.14-8

CVE-2020-8563 affecting package kubernetes-1.18.14 1.18.14-8. No patch is available...

CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8

CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8. A patched version of the package is...

CVE-2024-6387

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that...

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion...

BIT-bpftool-2021-45941

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and...

Model Extraction from Neural Networks

A new paper, "Polynomial Time Cryptanalytic Extraction of Neural Network Models," by Adi Shamir and others, uses ideas from differential cryptanalysis to extract the weights inside a neural network using specific queries and their results. This is much more theoretical than practical, but it's a...

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability, codenamed regreSSHion, has been assigned the CVE identifier CVE-2024-6387. It...

Exploit for CVE-2024-37765

Description MachForm up to version 19 is affected by an...

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1874)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1877)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1865)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1861)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1856)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1858)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1872)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1859)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1867)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1854)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1871)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1863)

The remote host is missing an update for the Huawei...

OpenSSH -- Race condition resulting in potential remote code execution

The OpenSSH project reports: A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1853)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1855)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1876)

The remote host is missing an update for the Huawei...

CVE-2016-20022

In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the...

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1866)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1875)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1868)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1852)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1862)

The remote host is missing an update for the Huawei...

Debian: Security Advisory (DLA-3840-1)

The remote host is missing an update for the...

Important Photon OS Security Update - PHSA-2024-4.0-0642

Updates of ['openssh'] packages of Photon OS have been...

FreeBSD-SA-24:04.openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:04.openssh Security Advisory The FreeBSD Project Topic: OpenSSH pre-authentication remote code execution Category: contrib Module: openssh Announced:...