The vulnerability of the SolarWinds Orion network monitoring software, related to the restoration of unreliable data in memory, allows a intruder to execute arbitrary commands.

The vulnerability of SolarWinds Orion network monitoring software lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the ColdFusion software platform, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the ColdFusion software platform lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the IBM Aspera Faspex file-sharing application, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a specially crafted API request...

K80159635: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130

Security Advisory Description Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12130 Impact MDS...

K97035296: Microarchitectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2018-12127

Security Advisory Description Microarchitectural Load Port Data Sampling MLPDS: Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12127 Impact MDS...

K30683410: systemd vulnerability CVE-2018-16866

Security Advisory Description An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. CVE-2018-16866 Impact There is n...

SUSE CVE-2004-0181

The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device...

SUSE CVE-2020-6438

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

SUSE CVE-2020-15959

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering...

SUSE CVE-2020-15989

Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

The vulnerability of the vRealize Log Insight log management tool, related to the restoration of unreliable data in memory, allows a intruder to trigger a service failure.

The vulnerability of the vRealize Log Insight log management tool is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure due to the deserialization of unreliable data...

PT-2023-1356 · Vmware · Vrealize Log Insight

Name of the Vulnerable Software and Affected Versions: vRealize Log Insight affected versions not specified Description: The issue is related to a deserialization vulnerability in vRealize Log Insight, which can be exploited by an unauthenticated malicious actor to trigger the deserialization of...

CVE-2022-41740

IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053...

The vulnerability of the library for serializing and deserializing YAML documents in SnakeYAML, related to the restoration of the unreliable data structure in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the library for serializing and deserializing YAML documents in SnakeYAML is related to the restoration of a unreliable data structure in memory. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

NetMotion Mobility 信息泄露漏洞

NetMotion Mobility is a mobile VPN software from NetMotion, Inc. It is used to securely extend enterprise networks to mobile environments. An information disclosure vulnerability exists in versions prior to Motorola Mobility Motorola e20 RONS31.267-38-8, which stems from incorrect access control...

redis security and bug fix update

An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

RLSA-2022:8096 Low: redis security and bug fix update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

Low: redis security and bug fix update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

redis:6 security, bug fix, and enhancement update

An update is available for redis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

Low: redis:6 security, bug fix, and enhancement update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...