EUVD-2007-5935

Malware in sbrugna...

glib2: Signal subscription vulnerabilities

A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the...

SUSE CVE-2025-1975

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index when downloading a model via the /api/pull endpoint. An attacker can cause the server to crash by customizing the manifest content and spoofing a service. Remediation Upgrade...

KLA83531 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability can be exploited remotely to...

KB5042881: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5042881 or hotpatch update 5042880. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows...

KB5043092: Windows Server 2008 R2 Security Update (September 2024)

The remote Windows host is missing security update 5043092. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

Microsoft Windows Multiple Vulnerabilities (KB5034831)

This host is missing an important security update according to Microsoft KB5034831 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB5034767)

This host is missing an important security update according to Microsoft KB5034767 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip f...

CVE-2021-27231

Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages...

CVE-2017-10818

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service...

kauth: Local privilege escalation

Albert Astals Cid reports: KAuth contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account...

Patched BadTunnel Windows Bug Has 'Extensive' Impact

Among the more than three dozen vulnerabilities Microsoft patched on Tuesday was a fix for a bug that the researcher who found it said has “probably the widest impact in the history of Windows.” “There were also some wide impact vulnerabilities before, but maybe not like this extensive,” Chinese...

KLA10436 Multiple vulnerabilities in VMware vSphere Client

Multiple critical vulnerabilities have been found in VMware vSphere. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security. Below is a complete list of vulnerabilities 1. An improper client file update validation can be exploited remotely; 2. An improper...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Nov 2013) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

HP Network Node Manager remote console weak files permissions

Weak permissions for C:Program FilesHP OpenView allows executable files and system service file spoofing...

Gentoo Security Advisory GLSA 200901-13 (pidgin)

The remote host is missing updates announced in advisory GLSA 200901-13. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Gentoo Security Advisory GLSA 200901-13 (pidgin)

The remote host is missing updates announced in advisory GLSA 200901-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVE-1999-0195

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1...