39 matches found
Ubuntu: Security Advisory (USN-6397-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2843)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6339-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6357-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6339-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6349-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6350-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6351-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6351-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6351-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker cou...
OESA-2023-1469 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21255
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21255
CVE-2023-21255 is a memory corruption vulnerability in the Linux kernel binder.c caused by a use-after-free. It leads to local privilege escalation with no extra privileges or user interaction required (CVSS 3.1 base 7.8). Affected component: binder.c in the kernel; impact is described as local e...
CVE-2023-21255
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Oracle E-Business Suite (Jan 2022 CPU)
The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory. - Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite component: Intelligence, RFx Creation. Supported versions that ar...
CVE-2022-21255
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...
CVE-2022-21255
CVE-2022-21255 affects Oracle E-Business Suite Configurator (UI Servlet). Affected versions are 12.2.3–12.2.11. The vulnerability allows a network-accessible, low-privilege attacker to exploit via HTTP to compromise data, enabling unauthorized creation/deletion/modification of Oracle Configurator...
Security fix for the ALT Linux 10 package glpi version 9.5.4-alt1
March 31, 2021 Pavel Zilke 9.5.4-alt1 - New version 9.5.4 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-21326 : Horizontal Privilege Escalation + CVE-2021-21255 : entities switch IDOR + CVE-2021-21258 : XSS injection in ajax/kanban + CVE-2021-21314 : XSS...
CVE-2021-21255
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4...
CVE-2021-21255
CVE-2021-21255 relates to GLPI 9.5.3 where an authenticated user could perform an Insecure Direct Object Reference (IDOR) to switch entities. The issue is resolved in GLPI 9.5.4. The vulnerability affects the web application’s entity switching logic; no exploitation details are provided beyond th...