65 matches found
CVE-2020-0019
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-171413798...
RLSA-2024:7000 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605 CVE-2024-26638 CVE-2024-26645 CVE-2024-26665...
PT-2025-13872
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5; macOS Sequoia versions prior to 15.4; macOS Sonoma versions prior to 14.7.5. Description: The issue allows a malicious JAR file to bypass Gatekeeper checks due to improper handling of executable types. Recommendatio...
Vulnerability in most browsers abused in targeted attacks
Researchers found a vulnerability in Chrome that was abused in the wild against organizations in Russia. Google has released an update for its Chrome browser which includes patches for this vulnerability. The update brings the Stable channel to versions 134.0.6998.178 for Windows. Other operating...
CVE-2025-27832
An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...
Linux Distros Unpatched Vulnerability : CVE-2023-1855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver xgene-hwmon. This flaw could...
CVE-2024-25612
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
RLSA-2025:0065 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: i40e: fix race condition by adding filter's intermediate sync state (CVE-2024-53088); kernel: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (CVE-2024-53122). For more details about...
CVE-2024-55919
Improper input validation on generic SSO login...
CVE-2024-47460 Unauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI Protocol
Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability ...
Microsoft Windows NT OS Kernel Security Vulnerability
Microsoft Windows NT OS Kernel is the core of the Windows operating system from Microsoft Corporation USA and is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. A security vulnerability exists in Microsoft Windows NT OS Kernel...
Unspecified vulnerability in Linux kernel (CNVD-2024-40293)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking whether the denominator is zero. No details of the vulnerability are provided at this time...
CVE-2024-38810
Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows an attacker to render security annotations ineffective...
Vulnerability in the TCP/IP Connectivity Utilities component of IBM i operating systems that allows attackers to escalate their privileges
The vulnerability in the TCP/IP Connectivity Utilities component of IBM i operating systems is related to access control errors. Exploiting this vulnerability allows attackers to escalate their privileges...
CVE-2024-4046
Cracking vulnerability in the OS security module. Impact: Successful exploitation of this vulnerability will affect availability...
Dell PowerScale OneFS Incorrect Privilege Management Vulnerability
Dell PowerScale OneFS is an operating system from Dell USA that provides horizontal scaling of NAS. An incorrect privilege management vulnerability exists in Dell PowerScale OneFS, which can be exploited by a local, high-privilege attacker to cause privilege...
Google Android suffers from an unspecified vulnerability (CNVD-2025-00873)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android that stems from a logic error in the removePersistentDot method code of the SystemStatusAnimationSchedulerImpl.kt file, where a race condition may exist. No detailed...
New Windows/Linux Firmware Attack
Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux…. The...
Vulnerability in the Management Central component of the IBM i operating system that allows attackers to escalate their privileges
The vulnerability in the Management Central component of the IBM i operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to escalate their privileges and gain access to components of the operating system...
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of...