2075 matches found
Important: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 For more detail...
[SECURITY] Fedora 35 Update: protobuf-3.14.0-7.fc35
Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. Google uses Protocol Buffers for almost all of its internal RPC protocols and file formats. Protocol buffers are a flexible, efficient, automated mechanism for serializing structured data...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
PT-2022-10894 · Amd · System Management Mode
Name of the Vulnerable Software and Affected Versions: AMD System Management Mode SMM affected versions not specified UEFI firmware BIOS for some PC products affected versions not specified Description: A potential issue in AMD System Management Mode SMM interrupt handler may allow an attacker wi...
CVE-2021-46365
An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute XML External Entity attacks via a crafted XLF file...
The vulnerability of the Windows Extensible Firmware Interface in the Windows operating system allows a hacker to perform a system shutdown.
The vulnerability of the Windows Extensible Firmware Interface in the operating system Windows is related to authentication errors when accessing files in the EFI partition. Exploiting this vulnerability can allow an attacker to perform a denial-of-service attack...
[SECURITY] Fedora 35 Update: perl-App-cpanminus-1.7045-1.fc35
Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM...
CVE-2021-28503
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI...
Insyde InsydeH2O 权限许可和访问控制问题漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware is vulnerable to permission and access control issues, which can be...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware has a security vulnerability that stems from a handler that does not...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. Operating System H2O UEFI firmware has a security vulnerability that could be exploited to elevate...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. Operating System H2O UEFI firmware contains a security vulnerability that can be exploited by attacker...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware has a buffer overflow vulnerability that can be exploited to write fixed...
Combobulator - Framework To Detect And Prevent Dependency Confusion Leakage And Potential Attacks
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks. This facilitates a holistic approach for ensuring secure application releases that can be evaluated against different sources e.g., GitHub Packages...
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
...
USN-5250-1 strongswan vulnerability
Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication...
Xerces 安全漏洞
Xerces is an organization promoted by Apache an XML document parsing open source project . A denial of service vulnerability exists in the XML parser in Apache Xerces Java version 2.12.1 and prior versions, which stems from a failure to properly handle incoming error messages, and can be exploite...