1822 matches found
CVE-2023-42520
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
CVE-2023-42521
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
CVE-2023-42526
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...
CVE-2023-42525
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security...
CVE-2023-42523
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security fo...
CVE-2023-42521
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
PT-2023-28385 · Withsecure · Withsecure Elements Endpoint Protection +5
Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...
CVE-2023-42520
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
CVE-2023-42524
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security...
CVE-2023-42522
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecu...
CVE-2023-42526
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...
PT-2023-36432 · Gnu +2 · Linux +2
Уязвимость функции aa unpack в модуле security/apparmor/policy unpack.c модуля безопасности AppArmor ядра операционной системы Linux связана с возможной утечкой памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании...
MGASA-2023-0250 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.126 and fixes or adds mitigations for atleast the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to...
CVE-2023-4042 Ghostscript: incomplete fix for cve-2020-16305
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8...
SUSE-SU-2023:3268-1 Security update for util-linux
This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions. bsc1213865, bsc1084300...
The vulnerability of the XFRM subsystem in the Linux operating system allows a hacker to gain access to protected information.
The vulnerability of the XFRM subsystem in the Linux operating system is related to reading memory beyond the boundaries of the allocated buffer in the net/xfrm/xfrmuser.c module. Exploiting this vulnerability can allow an attacker to gain access to protected information...
CVE-2023-37477
1Panel exposes an OS command injection in its firewall IP endpoint (/hosts/firewall/ip). The vulnerability allows an authenticated attacker to craft input that leads to arbitrary command execution, potentially full system compromise. The issue stems from lack of input validation in the firewall f...
Warpgate 授权问题漏洞
Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux from the warp-tech project. Warpgate suffers from an authorization problem vulnerability that stems from the fact that when logged in as an SSO-enabled user, an attacker may be able to pass authentication as another user...
Important: kernel-livepatch-4.14.313-235.533
Issue Overview: dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference. CVE-2023-28466 Affected Packages: kernel-livepatch-4.14.313-235.533 Issue Correction: Please ensur...
LSMS - Linux Security And Monitoring Scripts
These are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its own and is independent of other scripts. The scripts can be set up to either print out their results, send them to...