Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

USN-8255-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

Exploit for Incorrect Authorization in Canonical Ubuntu_Linux

CVE-2023-2640/3262-PoC Minimal PoCs for Ubuntu OverlayFS loca...

CVE-2026-2640

During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...

MiracleLinux 4 : rh-mysql56-mysql-5.6.39-1.AXS4.1 (AXSA:2018-2638:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2638:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

MiracleLinux 7 : pidgin-2.10.11-5.el7 (AXSA:2017-1913:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1913:01 advisory. Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell...

MiracleLinux 7 : rh-mysql56-mysql-5.6.39-1.el7.1 (AXSA:2018-2639:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2639:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

EUVD-2026-2640

EUVD-2026-2640...

EUVD-2021-20863

Malware in sbrugna...

EUVD-2021-7591

Malicious code in bioql PyPI...

EUVD-2023-36421

Malicious code in bioql PyPI...

EUVD-2023-36418

Malicious code in bioql PyPI...

EUVD-2023-36417

Malicious code in bioql PyPI...

EUVD-2023-36415

Malicious code in bioql PyPI...

EUVD-2023-36419

Malicious code in bioql PyPI...

EUVD-2023-36416

Malicious code in bioql PyPI...

EUVD-2021-7589

Malicious code in bioql PyPI...

EUVD-2024-46529

Malicious code in bioql PyPI...

CVE-2021-34204

D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600DIR-2640 stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users...

CVE-2021-20132

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router i.e., as the "admin" user, UID 0...