CVE-2023-40352
McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs...
[SECURITY] Fedora 38 Update: dotnet7.0-7.0.110-1.fc38
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 38 Update: dotnet6.0-6.0.121-1.fc38
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 37 Update: dotnet7.0-7.0.110-1.fc37
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 37 Update: dotnet6.0-6.0.121-1.fc37
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
PT-2023-4542 · McAfee · McAfee Safe Connect
Name of the Vulnerable Software and Affected Versions: McAfee Safe Connect versions prior to 2.16.1.126. Description: The issue is related to an uncontrolled search path element, which may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs. This can...
SUSE SLED15: java-1_8_0-openj9 / java-1_8_0-openj9-accessibility / etc (SUSE-SU-2023:3332-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3332-1 advisory. OpenJDK was updated to version 8u382 build 05 with OpenJ9 0.40.0 VM: - CVE-2023-22045: Fixed...
Debian DSA-5478-1 : openjdk-11 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5478 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracl...
Siemens EFI Boot Guard Code Execution Vulnerability
Siemens EFI Boot Guard is a simple UEFI boot loader from Siemens Germany. A code execution vulnerability exists in Siemens EFI Boot Guard versions prior to 0.15, which stems from insufficient input validation and cleanup, and can be exploited by an attacker to execute arbitrary code in privileged...
SUSE SLED15: java-1_8_0-openj9 / java-1_8_0-openj9-accessibility / etc (SUSE-SU-2023:3305-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3305-1 advisory. Update to OpenJDK 8u372 build 07 with OpenJ9 0.38.0 virtual machine. CVE-2023-21930:...
Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2023-1797)
The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.382.b05-1.78. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1797 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to disclose protected information.
The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
CLSA-2023-1691606104 openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen and separate ssh-pkcs11-helpers for each p11 module...
CLSA-2023-1691576939 openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen...
openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen...
CLSA-2023-1691576785 openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen...
Security Bulletin: Multiple vulnerabilities found on third-party libraries used by IBM® MobileFirst Platform
Summary: There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update. Vulnerability Details: CVEID: CVE-2022-45688. DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based buffer overflow. By...
Medium: java-1.8.0-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1...
FreeBSD -- Potential remote code execution via ssh-agent forwarding
Problem Description: The server may cause ssh-agent to load shared libraries other than those required for PKCS11 support. These shared libraries may have side effects that occur on load and unload (dlopen and dlclose). Impact: An attacker with access to a server that accepts a forwarded ssh-agent...
The onlyProfileOwnerOrDelegatedExecutor and whenNotPaused checks can be bypassed
Lines of code. Vulnerability details. Impact: The LensHub.sol functions setProfileMetadataURI, setProfileMetadataURIWithSig, setFollowModule, setFollowModuleWithSig, collect, collectWithSig, act, actWithSig, setProfileImageURI, setProfileImageURIWithSig and others use...