117 matches found
[SECURITY] [DLA 3173-1] linux-5.10 security update
Debian LTS Advisory DLA-3173-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings November 1, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.149-2deb10u1 CVE ID : CVE-2021-4037 CVE-2022-0171 CVE-2022-1184 CVE-2022-1679 CVE-2022-2153 CVE-2022-2602...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-036 (ALASKERNEL-5.4-2022-036)
The version of kernel installed on the remote host is prior to 5.4.214-120.368. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-036 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Fr...
Important: kernel
Issue Overview: An out-of-bounds write flaw was found in the Linux kernels framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUTVSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2415)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2428)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2153 affecting package kernel for versions less than 5.15.67.1-4
CVE-2022-2153 affecting package kernel for versions less than 5.15.67.1-4. A patched version of the package is available...
Debian: Security Advisory (DLA-3131-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2153 affecting package kernel 5.10.134.1-2
CVE-2022-2153 affecting package kernel 5.10.134.1-2. A patched version of the package is available...
[SECURITY] [DLA 3131-1] linux security update
Debian LTS Advisory DLA-3131-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 01, 2022 https://wiki.debian.org/LTS Package : linux Version : 4.19.260-1 CVE ID : CVE-2021-4159 CVE-2021-33655 CVE-2021-33656 CVE-2022-1462 CVE-2022-1679 CVE-2022-2153...
Debian dla-3131 : hyperv-daemons - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3131 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3131-1 [email protected]...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2292)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2153
CVE-2022-2153 is a vulnerability in the Linux kernel’s KVM related to setting a SynIC IRQ. The issue allows a misbehaving VMM to write to SYNIC/STIMER MSRs, which can cause a NULL pointer dereference and a kernel oops, enabling an unprivileged local attacker on the host to trigger a denial of ser...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.516.1.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460938 CVE-2022-2588 4.14.35-2047.516.1 - KVM: x86: Avoid theoretical NULL pointer dereference in kvmirqdeliverytoapicfast Vitaly Kuznetsov Orabug: 34323860 CVE-2022-2153 - KVM: x8...
SUSE SLES12 Security Update : drbd (SUSE-SU-2022:2153-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2153-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. The packa...
SUSE: Security Advisory (SUSE-SU-2021:2153-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-2153
Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite component: Mobile Expenses. Supported versions that are affected are 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Internet Expense...
CVE-2021-2153
CVE-2021-2153 affects Oracle E-Business Suite: Oracle Internet Expenses (Mobile Expenses) components, specifically versions 12.2.3–12.2.10. The vulnerability allows an unauthenticated attacker, over HTTP with network access, to compromise Oracle Internet Expenses. Exploitation requires user inter...
SUSE: Security Advisory (SUSE-SU-2015:0679-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-2153
Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2153
CVE-2020-2153 affects Jenkins Backlog Plugin versions 2.4 and earlier. The root cause is that credentials are transmitted in plain text as part of job configuration forms, while stored credentials remain encrypted on disk. This can expose credentials to users with Extended Read permission when co...