6340 matches found
CVE-2024-4017 Privilege Escalation in U-Series Appliance
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit filesystem modules allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3...
CVE-2024-4018 Privilege Escalation in U-Series Appliance
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit local appliance api modules allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before 4.0.3...
CVE-2024-4018
CVE-2024-4018 is an improper privilege management vulnerability in BeyondTrust U-Series Appliance on Windows (64-bit local appliance API modules) that allows privilege escalation. Affected versions are 3.4 through before 4.0.3; the issue is mitigated by upgrading to 4.0.3 or later. The CVE’s docu...
PT-2024-28797 · Beyondtrust +1 · Beyondtrust U-Series Appliance +1
Name of the Vulnerable Software and Affected Versions: BeyondTrust U-Series Appliance versions 3.4 through 4.0.2 Description: The issue is related to improper privilege management, allowing privilege escalation. This is due to a vulnerability in the local appliance API modules on Windows, 64-bit...
CVE-2024-26921
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...
CVE-2023-52644
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is disabl...
CVE-2024-26877
A vulnerability was found in the Linux kernel's Xilinx crypto driver. This issue is caused by failing to disable bottom halves BH when calling the cryptofinalizerequest function, leading to potential system warnings and call traces. Mitigation Mitigation for this issue is either not available or...
CVE-2024-26854
In the Linux kernel, the following vulnerability has been resolved: ice: fix uninitialized dplls mutex usage The pf-dplls.lock mutex is initialized too late, after its first use. Move it to the top of icedpllinit. Note that the "errexit" error path destroys the mutex. And the mutex is the last...
CVE-2024-26877 crypto: xilinx - call finalize with bh disabled
In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling cryptofinalizerequest, BH should be disabled to avoid triggering the following calltrace: ------------ cut here ------------ WARNING: CPU: 2 PID: 74 at...
USN-6727-2: NSS regression
USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that NSS incorrectly handled...
CVE-2024-30729
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
The vulnerability of microprogramming software for Intel Optane PMem 100 Series persistent memory modules, related to access segmentation deficiencies, allows attackers to exploit their privileges.
The vulnerability of microprogramming software for Intel Optane PMem 100 Series persistent memory modules is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Sicat - The Useful Exploit Finder
Introduction SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant...
varnish security update
varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2024-1491)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...
CVE-2024-2511
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
CVE-2024-2511
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
CVE-2024-2511
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
CVE-2024-2511 Unbounded memory growth with session handling in TLSv1.3
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
CVE-2024-2511
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...