154 matches found
CVE-2020-35758
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a Authentication Bypass in the Web Interface. This interface does not properly restrict access to internal functionality. Despite presenting a password login page on first access, authentication is not required to access...
Updated nvidia390 packages fix security vulnerabilities
NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...
Ubuntu: Security Advisory (USN-4689-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-1052
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and...
CVE-2021-1052
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and...
CVE-2021-1052
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and...
The vulnerability of the PostScript Ghostscript file conversion program lies in the improper use of privileged APIs, allowing an attacker to gain access to the file system bypassing restrictions.
The vulnerability of the PostScript Ghostscript file conversion program is related to the improper use of privileged APIs. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to the file system by circumventing the restrictions imposed by the -dSAFER option,...
CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
Authorization
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
UBUNTU-CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
CVE-2018-6083
Removed by vendor...
CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
chromium-browser: incorrect processing of appmanifests
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...