EUVD-2022-7073

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-45802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a HTTP/2 stream was reset RST frame by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead,...

Linux Distros Unpatched Vulnerability : CVE-2019-9514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an...

iOS/MacOS kernel double free due to IOSurfaceRootUserClient not respecting MIG ownership rules(CVE-2017-13861)

I have previously detailed the lifetime management paradigms in MIG in the writeups for: CVE-2016-7612 https://bugs.chromium.org/p/project-zero/issues/detail?id=926 and CVE-2016-7633 https://bugs.chromium.org/p/project-zero/issues/detail?id=954 If a MIG method returns KERNSUCCESS it means that th...