96 matches found
SUSE-SU-2023:2147-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation bsc1210498. -...
CVE-2023-1990 affecting package hyperv-daemons 5.10.174.1-1
CVE-2023-1990 affecting package hyperv-daemons 5.10.174.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-1990 affecting package kernel 5.10.174.1-1
CVE-2023-1990 affecting package kernel 5.10.174.1-1. A patched version of the package is available...
CVE-2023-1990 affecting package kernel for versions less than 5.15.107.1-2
CVE-2023-1990 affecting package kernel for versions less than 5.15.107.1-2. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2023-0149)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-1990
A use-after-free flaw was found in ndlcremove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem...
CVE-2023-1990
CVE-2023-1990 describes a use-after-free in ndlc_remove() within Linux kernel’s drivers/nfc/st-nci/ndlc.c, enabling a local attacker to crash the system due to a race condition. The Astra Linux advisory (and Debian advisories with CVE lists) corroborate the same flaw in the Linux kernel. The prov...
CVE-2023-1990
A use-after-free flaw was found in ndlcremove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem...
UK Runs Fake DDoS-for-Hire Sites
Brian Krebs is reporting that the UKs National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake so-called "booter" or "stresser" sites - which have so far been accessed by several thousand people--have been created to look like they...
SUSE CVE-2013-1990
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XvMCListSurfaceTypes and 2 XvMCListSubpictureTypes functions...
CVE-2022-1990
CVE-2022-1990 affects the WordPress Nested Pages plugin prior to version 3.1.21. The vulnerability arises because the plugin does not escape and sanitize certain settings, enabling Stored Cross-Site Scripting when unfiltered_html is disallowed. Public sources across Red Hat, NVD, CNVD, OSV, and P...
SUSE: Security Advisory (SUSE-SU-2013:1103-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0881-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1103-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-1990 PAN-OS: Buffer overflow in the management server
A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions...
CVE-2020-1990
The CVE-2020-1990 issue is a stack-based buffer overflow in PAN-OS management server. Affected: Palo Alto Networks PAN-OS 8.1.x before 8.1.13 and 9.0.x before 9.0.7 (not affecting 7.1). Exploitation requires authentication and can allow uploading a corrupted PAN-OS configuration with potential co...
shropshireandbeyond.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1073100 Security Researcher metamorfosec Helped patch 1990 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting shropshireandbeyond.c...
buildersproject.eu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1048231 Security Researcher metamorfosec Helped patch 1990 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting buildersproject.eu...
mind-step.eu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1048230 Security Researcher metamorfosec Helped patch 1990 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting mind-step.eu website...
CVE-2019-1990
CVE-2019-1990 affects Android’s Media framework, specifically the ihevcd_fmt_conv_420sp_to_420p path in ihevcd_fmt_conv.c. The issue is an out-of-bounds write caused by a missing bounds check, enabling remote code execution with user interaction required. Affected Android versions: 7.0–9.0. The v...