MiracleLinux 9 : kernel-5.14.0-570.12.1.el9_6 (AXSA:2025-10392:38)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10392:38 advisory. kernel: drm: nv04: Fix out of bounds access CVE-2024-27008 kernel: Bluetooth: Fix use-after-free bugs caused by scosocktimeout CVE-2024-27398 kerne...

CVE-2025-36011

IBM Jazz for Service Management 1.1.3.0 through 1.1.3.24 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to...

Security Bulletin: IBM Jazz for Service Management is vulnerable to "cookiesEnabled" cookie not sent over SSL

Summary IBM Jazz for Service Management is vulnerable to "cookiesEnabled" cookie not sent over SSL CVE-2025-36011. Vulnerability Details CVEID:CVE-2025-36011 DESCRIPTION: IBM Jazz for Service Management does not set the secure attribute on authorization tokens or session cookies. Attackers may be...

CVE-2022-36011

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

CVE-2022-36011

creationtimestamp| type| source ---|---|--- 2025-04-23 17:05:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13090...

Linux Distros Unpatched Vulnerability : CVE-2024-36011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null- ptr-deref Fix potential null-ptr-deref in...

CVE-2024-36011

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hcilebigsyncestablishedevt...

CVE-2023-36011

Win32k Elevation of Privilege Vulnerability...

CVE-2023-36011 Win32k Elevation of Privilege Vulnerability

...

CVE-2023-36011

CVE-2023-36011 is a Windows Win32k elevation-of-privilege vulnerability. Affected: Windows Win32K component (kernel-related). Nature: local exploit with low attack complexity and no user interaction; enables total impact on confidentiality, integrity, and availability. CVSSv3.1 base score 7.8 (HI...

KB5033373: Windows 10 Version 1607 and Windows Server 2016 Security Update (December 2023)

The remote Windows host is missing security update 5033373. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36006 - Win32k Elevation of Privilege Vulnerability CVE-2023-36011 - A division-by-zero...

KB5033420: Windows Server 2012 R2 Security Update (December 2023)

The remote Windows host is missing security update 5033420. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36006 - Win32k Elevation of Privilege Vulnerability CVE-2023-36011 - A division-by-zero...

KB5033372: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033372. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36006 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...

KB5033118: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033118 or Azure HotPatch 5033464. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36006 - Windows Cloud Files Mini Filter Driver Elevation of...

CVE-2022-36011 Null dereference on MLIR on empty function attributes in TensorFlow

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

CVE-2022-36011

CVE-2022-36011 affects TensorFlow: a null dereference when mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes. Root cause: empty attributes lead to a null dereference in MLIR/TFG import. Remediation per sources: fix landed in TensorFlow 2.10.0 and will be cherry-pic...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-36011 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-36011 Source advisory: OSV:GHSA-FV43-93GV-VM8F...

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-36011 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-36011 Source advisory: OSV:GHSA-FV43-93GV-VM8F...

clip-jax (=0.0.5) potentially affected by CVE-2022-36011 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-36011 Source advisory: OSV:GHSA-FV43-93GV-VM8F...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-36011 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-36011 Source advisory: OSV:GHSA-FV43-93GV-VM8F...