Lucene search
K

41 matches found

OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.10 views

Fedora: Security Advisory for sudo-rs (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2024/06/02 3:39 a.m.13 views

[SECURITY] Fedora 39 Update: sudo-rs-0.2.2-3.fc39

A memory safe implementation of sudo and su...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.6 views

Fedora: Security Advisory for sudo-rs (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2024/05/26 1:29 a.m.14 views

[SECURITY] Fedora 40 Update: sudo-rs-0.2.2-3.fc40

A memory safe implementation of sudo and su...

7.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/23 3:5 a.m.4 views

SUSE CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftracebug It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftraceinit, but the error path rightfully returned -EINVAL and not -EFAULT,...

5.5CVSS6.4AI score0.00236EPSS
Exploits0References9
Fedora
Fedora
added 2024/02/22 2:43 a.m.37 views

[SECURITY] Fedora 38 Update: rust-git2-0.18.2-1.fc38

Bindings to libgit2 for interoperating with git repositories. This library is both threadsafe and memory safe and allows both reading and writing git repositories...

9.8CVSS9.5AI score0.01546EPSS
Exploits0
Fedora
Fedora
added 2024/02/20 1:40 a.m.26 views

[SECURITY] Fedora 39 Update: rust-git2-0.18.2-1.fc39

Bindings to libgit2 for interoperating with git repositories. This library is both threadsafe and memory safe and allows both reading and writing git repositories...

9.8CVSS7.3AI score0.01546EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.30 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current sudo Multiple Vulnerabilities (SSA:2023-311-01)

The version of sudo installed on the remote host is prior to 1.9.15. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-311-01 advisory. - Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt...

8.1CVSS7.2AI score0.00571EPSS
Exploits1References3
Microsoft Secure
Microsoft Secure
added 2023/09/26 5:0 p.m.16 views

New security features in Windows 11 protect users and empower IT

While attacks are getting more sophisticated, so are our defenses. With recent innovations like secured-core PCs that are 60 percent more resilient to malware than non-secured-core PCs,1 and the Microsoft Pluton Security Processor that adds more protection by isolating sensitive data like...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/09/26 5:0 p.m.21 views

New security features in Windows 11 protect users and empower IT

While attacks are getting more sophisticated, so are our defenses. With recent innovations like secured-core PCs that are 60 percent more resilient to malware than non-secured-core PCs,1 and the Microsoft Pluton Security Processor that adds more protection by isolating sensitive data like...

7.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/09/21 4:15 p.m.35 views

CVE-2023-42456

Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. Only once a configurable timeout has passed will the user have to...

8.1CVSS7.2AI score0.00571EPSS
Exploits0References2
Prion
Prion
added 2023/09/21 4:15 p.m.28 views

Path traversal

Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. Only once a configurable timeout has passed will the user have to...

5.5CVSS8.2AI score0.00571EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/21 3:20 p.m.15 views

CVE-2023-42456 sudo-rs Session File Relative Path Traversal vulnerability

Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. Only once a configurable timeout has passed will the user have to...

3.3CVSS7AI score0.00571EPSS
Exploits0References2
OSV
OSV
added 2023/05/18 5:28 p.m.57 views

GHSA-W3F6-PC54-GFW7 swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

7.5CVSS7.4AI score0.01119EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2023/04/21 3:0 a.m.27 views

iOS Lockdown Mode effective against NSO zero-click exploit

Apples Lockdown Mode feature alerted a victim to one of the latest NSO exploits, according to a report by Citizen Lab. image courtesy of Citizen Lab This is a huge deal since it shows how useful Lockdown Mode can be, even against exploits developed by one of the worlds most notorious commercial...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 2:0 a.m.28 views

Google to support the use of Rust in Chromium

In a blog by the Chrome security team we learned that the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium. This is good news because Rust is a so-called memory-safe programming language. So using it in a widespread program like Chrome and the other...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/04 10:30 p.m.33 views

Android is slowly mastering memory management vulnerabilities

Recently we wrote about why the NSA wants you to shift to memory safe programming languages. The short version is: If you ever read our posts describing security vulnerabilities, you will see a lot of phrases like "buffer overflow", "failure to release memory", "use after free", "memory...

Exploits0
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.5 views

Occlum 安全漏洞

Occlum is a memory-safe, multiprocess library operating system for Intel SGX. A security vulnerability in util/memutil.rs in Occlum for Intel SGX prior to version 0.26.0 stems from pointer validation logic acting as an obfuscation agent. Allows a local attacker to access unauthorized information...

5.5CVSS5.8AI score0.00429EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2021/01/29 4:52 p.m.162 views

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. First detailed in an analysis this week by Google Project Zero’s Samuel Groß, BlastDoor acts as a “tightly...

7.2AI score
Exploits0References13
MSRC
MSRC
added 2019/07/18 7:0 a.m.8 views

We need a safer systems programming language

In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...

7.3AI score
Exploits0
Rows per page
Query Builder