74 matches found
EUVD-2001-0898
Malware in sbrugna...
CVE-2024-40828
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious app may be able to gain root privileges...
CVE-2024-28136
CVE-2024-28136 describes a command-injection on PHOENIX CONTACT CHARX SEC devices via the OCPP Remote service. Multiple connected sources (ZDI, NVD, CVE listings) indicate the flaw resides in input validation when processing Charger ID/remote commands (e.g., Get Diagnostics), enabling a low-privi...
Code injection
This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges...
CVE-2023-32426
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges...
Ubuntu: Security Advisory (USN-4442-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2629-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2629-1 advisory. - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-fre...
CVE-2021-1813
A validation issue was addressed with improved logic. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges...
There are multiple vulnerabilities in the AIX kernel,There are multiple vulnerabilities in the AIX kernel for VIOS
IBM SECURITY ADVISORY First Issued: Wed Aug 25 14:58:13 CDT 2021 |Update 2: Wed Sep 1 16:11:34 CDT 2021 |Update: Additional iFixes are now available. | Additional iFixes are now available for: | AIX 7100-05-06 and 7100-05-07 | AIX 7200-03-05 and 7200-03-06 | AIX 7200-04-02 and 7200-04-03 | AIX...
macOS 11.x < 11.5 Multiple Vulnerabilities (HT212602)
The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.5. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage...
About the security content of iOS 14.6 and iPadOS 14.6
About the security content of iOS 14.6 and iPadOS 14.6 This document describes the security content of iOS 14.6 and iPadOS 14.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
Sudo 缓冲区错误漏洞
Sudo is a program used on Unix-like systems that allows the user to execute commands in a secure way with special privileges. Sudo suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to gain root privileges on the system...
CVE-2019-4031
IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Force ID: 155997...
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
This module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library libnspr on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the NSPRLOGFILE...
Ubuntu: Security Advisory (USN-3664-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : Apport vulnerability (USN-3664-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3664-1 advisory. Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this...
CVE-2018-10361
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauthktexteditorhelper service as utilized in the Kate text editor can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one use...
USN-3480-3: Apport regression
USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local...
Ubuntu: Security Advisory (USN-3480-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Apport vulnerabilities (USN-3480-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3480-1 advisory. Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a deni...