148 matches found
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...
CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift
Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001549)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001549 advisory. An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer arithmetic, leading to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004786)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004786 advisory. The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by usi...
EUVD-2020-19694
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414671 advisory. An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds...
Linux Distros Unpatched Vulnerability : CVE-2019-9793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This...
Exploit for Out-of-bounds Write in Mozilla Firefox
CVE-2024-29943 A Pwn2Own SpiderMonkey JIT Bug: From Integer R...
USN-6739-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Wei Chen discovered that a race condition existed in the TIPC protocol implementation in...
EulerOS Virtualization 2.9.1 : mozjs60 (EulerOS-SA-2024-1458)
According to the versions of the mozjs60 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an...
Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1473)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.0 : mozjs60 (EulerOS-SA-2024-1473)
According to the versions of the mozjs60 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an...
USN-6701-2 linux-gcp, linux-gcp-4.15 vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...
USN-6701-1 linux, linux-aws, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...
Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1201)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : mozjs60 (EulerOS-SA-2024-1181)
According to the versions of the mozjs60 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable cras...
EulerOS 2.0 SP9 : mozjs60 (EulerOS-SA-2024-1201)
According to the versions of the mozjs60 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable cras...
USN-6548-4 linux-gkeop vulnerabilities
It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...
USN-6548-3 linux-oracle vulnerabilities
It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...
USN-6548-2 linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...