grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

openSUSE 15 Security Update : nginx (openSUSE-SU-2021:1815-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1815-1 advisory. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause...

CVE-2021-31895

A vulnerability has been identified in RUGGEDCOM i800 All versions V4.3.7, RUGGEDCOM i801 All versions V4.3.7, RUGGEDCOM i802 All versions V4.3.7, RUGGEDCOM i803 All versions V4.3.7, RUGGEDCOM M2100 All versions V4.3.7, RUGGEDCOM M2200 All versions V4.3.7, RUGGEDCOM M969 All versions V4.3.7,...

Remote code execution

A vulnerability has been identified in RUGGEDCOM ROS M2100 All versions V4.3.7, RUGGEDCOM ROS M2200 All versions V4.3.7, RUGGEDCOM ROS M969 All versions V4.3.7, RUGGEDCOM ROS RMC All versions V4.3.7, RUGGEDCOM ROS RMC20 All versions V4.3.7, RUGGEDCOM ROS RMC30 All versions V4.3.7, RUGGEDCOM ROS...

Siemens RUGGEDCOM 缓冲区错误漏洞

Siemens RuggedCom ROS is a Siemens operating system for the RuggedCom series of switches. A buffer overflow vulnerability exists in Siemens RUGGEDCOM ROS Devices due to a DHCP client in the affected devices failing to properly clear incoming DHCP packets. A remote attacker could exploit the...

(Pwn2Own) Apple Safari Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the LLIntGenerator...

OESA-2021-1225 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrit...

postgresql: Buffer overrun from integer overflow in array subscripting calculations

A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...

postgresql: Buffer overrun from integer overflow in array subscripting calculations

A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...

A security issue in nginx resolver was identified which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite resulting in worker process crash or potential other impact.

...

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2021-22550

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c...

CVE-2021-22549

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c...

CVE-2021-22550

The CVE-2021-22550 entry concerns the Google Asylo framework where an attacker can modify pointers in enclave memory to overwrite arbitrary addresses inside a secure enclave. The vulnerability is tied to UntrustedCacheMalloc::GetBuffer (as described in CVE records) and is mitigated by updating be...

CVE-2021-22549

CVE-2021-22549 affects Google’s Asylo framework (TrustedPrimitives::UntrustedCall). The vulnerability allows an attacker to modify an address to point to trusted memory, overwriting arbitrary trusted memory. Public details indicate exploitation is local with low attack complexity; attacker privil...

Oracle Linux 8 : nginx:1.18 (ELSA-2021-2259)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2259 advisory. 1.18.0-3.1.0.1 - Remove Red Hat references Orabug: 29498217 1:1.18.0-3.1 - Resolves: 1963178 - CVE-2021-23017 nginx:1.18/nginx: Off-by-one in ngxresolvercopy wh...

Google Asylo 安全漏洞

Google Asylo is a framework for the development of trusted applications from Google USA. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in asylo, which stems from the ability to modify an...

Google Asylo 安全漏洞

Google Asylo is a framework for the development of trusted applications from Google USA. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in asylo that stems from the ability to modify...

nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE

According to its Server response header, the installed version of nginx is 0.6.18 prior to 1.20.1. It is, therefore, affected by a remote code execution vulnerability. A security issue in nginx resolver was identified, which might allow an unauthenticated remote attacker to cause 1-byte memory...

Amazon Linux AMI : nginx (ALAS-2021-1507)

The version of nginx installed on the remote host is prior to 1.18.0-1.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1507 advisory. A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character o...