10847 matches found

Cvelist
added 2022/07/12 10:7 a.m. · 20 views

CVE-2022-34466

A vulnerability has been identified in Mendix Applications using Mendix 9 All versions = V9.11 V9.15, Mendix Applications using Mendix 9 V9.12 All versions V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...

AI score 6.3 · EPSS 0.00602
Exploits 0 · References 1
Positive Technologies
added 2022/07/12 12:0 a.m. · 2 views

PT-2022-3591 · Microsoft · Windows Client Server Run-Time Subsystem +1

Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to insufficient access restrictions in the Client Server Run-time Subsystem CSRSS of the Windows operating system. It allows an...

CVSS 8.8 · AI score 8.5 · EPSS 0.00983
Exploits 1 · References 11
Positive Technologies
added 2022/07/12 12:0 a.m. · 4 views

PT-2022-22172 · Mendix · Mendix

Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 9 versions 9.11 through 9.14 Mendix Applications using Mendix 9 version 9.12 versions prior to 9.12.3 Description: An expression injection vulnerability was discovered in the Workflow subsystem of Mendix...

CVSS 6.5 · AI score 6.3 · EPSS 0.00602
Exploits 0 · References 3
CNNVD
added 2022/07/12 12:0 a.m. · 20 views

Microsoft Windows Code Issue Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code issue vulnerability exists in the Microsoft Windows Client/Server Runtime Subsystem. The following products and editions are affected: Windows 10 Version 1809 for 32-bit...

CVSS 7.8 · AI score 8.1 · EPSS 0.18912
Exploits 0 · References 6
CNNVD
added 2022/07/12 12:0 a.m. · 4 views

Microsoft Windows Buffer Error Vulnerability

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A buffer error vulnerability exists in the Microsoft Windows Client/Server Runtime Subsystem. The following products and editions are affected: Windows 10 Version 1809 for 32-bit Systems, Windo...

CVSS 8.8 · AI score 8.3 · EPSS 0.00983
Exploits 1 · References 9
Positive Technologies
added 2022/07/12 12:0 a.m. · 5 views

PT-2022-3590

Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows Client Server Run-time Subsystem CSRSS. It allows an attacker to gain...

CVSS 7.8 · AI score 8 · EPSS 0.18912
Exploits 0 · References 25
Zero Day Initiative
added 2022/07/11 12:0 a.m. · 29 views

Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the LightNVM subsystem...

CVSS 8.2 · AI score 5.1 · EPSS 0.00412
Exploits 0 · References 2
Zero Day Initiative
added 2022/07/11 12:0 a.m. · 14 views

Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the LightNVM subsystem...

CVSS 8.2 · AI score 5.1
Exploits 0 · References 1
Ubuntu
added 2022/07/07 7:59 a.m. · 114 views

USN-5505-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

CVSS 7.9 · AI score 6.9 · EPSS 0.06451
Exploits 9
OSV
added 2022/07/07 7:59 a.m. · 7 views

USN-5505-1 linux-lts-xenial, linux-kvm vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

CVSS 7.9 · AI score 7 · EPSS 0.06451
Exploits 9 · References 20
Amazon
added 2022/07/07 12:0 a.m. · 88 views

Important: kernel

Issue Overview: A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. CVE-2022-0494 An information...

CVSS 8.2 · AI score 7.1 · EPSS 0.03134
Exploits 10
RedHat Linux
added 2022/07/01 12:28 a.m. · 66 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 7.8 · AI score 7 · EPSS 0.05524
Exploits 9 · References 3
RedHat Linux
added 2022/07/01 12:28 a.m. · 3 views

kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue...

CVSS 7.8 · AI score 6.6 · EPSS 0.03134
Exploits 6 · References 6
Tenable Nessus
added 2022/07/01 12:0 a.m. · 49 views

Oracle Linux 8 : Unbreakable Enterprise kernel (ELSA-2022-9533)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9533 advisory. - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123 CVE-2022-21127 CVE-2022-21125 CVE-2022-2116...

CVSS 7.8 · AI score 7 · EPSS 0.06451
Exploits 17 · References 7
BDU FSTEC
added 2022/06/29 12:0 a.m. · 5 views

Vulnerability of the net80211 kernel subsystem in FreeBSD operating systems, allowing a hacker to execute arbitrary code

The vulnerability in the net80211 kernel subsystem of FreeBSD relates to the lack of proper checking for the length of user data before it is copied into the buffer during 802.11 packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 8.3 · AI score 8 · EPSS 0.0362
Exploits 0 · References 5 · Affected Software 1
BDU FSTEC
added 2022/06/29 12:0 a.m. · 5 views

The vulnerability in the net/netfilter/nf_tables_api.c component of the Linux kernel’s netfilter subsystem allows an attacker to elevate their privileges to the root level.

The vulnerability in the net/netfilter/nf_tables_api.c component of the Linux kernel’s netfilter subsystem relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

CVSS 7.8 · AI score 6.5
Exploits 5 · References 31 · Affected Software 6
RedHat Linux
added 2022/06/28 12:56 p.m. · 133 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 · AI score 6.5 · EPSS 0.03134
Exploits 7 · References 3
RedHat Linux
added 2022/06/28 12:32 p.m. · 2 views

kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue...

CVSS 7.8 · AI score 6.6 · EPSS 0.03134
Exploits 6 · References 6
RedHat Linux
added 2022/06/28 11:37 a.m. · 63 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.8 · AI score 6.8 · EPSS 0.03134
Exploits 7 · References 2
RedHat Linux
added 2022/06/28 10:45 a.m. · 2 views

kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue...

CVSS 7.8 · AI score 6.6 · EPSS 0.03134
Exploits 6 · References 6