27 matches found
USN-8266-1 linux, linux-aws, linux-aws-fips, linux-aws-hwe, linux-azure-4.15, linux-fips, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...
CVE-2024-27388
creationtimestamp| type| source ---|---|--- 2026-05-10 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260511...
CVE-2026-27388
Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...
CVE-2026-27388
Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...
CVE-2025-27388 Arbitrary URL Loading in WebView Leading to Token Leakage Risk
Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens...
CVE-2025-27388 Arbitrary URL Loading in WebView Leading to Token Leakage Risk
Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens...
PT-2025-33131 · Webview · Webview
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-27388 Description: Loading arbitrary external URLs through WebView components introduces malicious JavaScript JS code that can steal arbitrary user tokens. Recommendations: At the moment, there is no information about a...
CVE-2023-27388
Improper authentication vulnerability in T Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T Corporation data logger products TR-71W/72W all firmware versions...
CVE-2023-27388
creationtimestamp| type| source ---|---|--- 2025-02-01 17:28:09+00:00| seen| Telegram/h2R6MoZTYUzpujJyqd5QX2J3Z7HA9KYHhRItoNg3JhI8rFqa...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-075)
The version of kernel installed on the remote host is prior to 5.10.214-202.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-075 advisory. 2025-01-21: CVE-2024-26878 was added to this advisory. 2025-01-21: CVE-2024-27388 was added to this...
RockyLinux 8 : kernel-rt (RLSA-2024:5102)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5102 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure traceclockglobal to never block...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2024-27388 affecting package hyperv-daemons for versions less than 6.6.35.1-1
CVE-2024-27388 affecting package hyperv-daemons for versions less than 6.6.35.1-1. An upgraded version of the package is available that resolves this issue...
USN-6821-4: Linux kernel (Azure) vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
BELL-CVE-2024-27388
Bulletin has no description...
CVE-2024-27388
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...
CVE-2024-27388 SUNRPC: fix some memleaks in gssx_dec_option_array
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...
CVE-2024-27388 SUNRPC: fix some memleaks in gssx_dec_option_array
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...
CVE-2024-27388
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...
CVE-2023-27388
CVE-2023-27388 covers an improper authentication flaw in T&D Corporation and ESPEC MIC CORP. data logger products. Affected models include T&D TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2 and ESPEC MIC RT-12N/RS-12N, RT-22BN, TEU-12N all firmware versions. The vulnerability allows a remote unauthentica...