952 matches found
USN-7179-4: Linux kernel (Xilinx ZynqMP) vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
CVE-2023-38714 IBM Cloud Pak System information disclosure
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system...
CVE-2023-38714
CVE-2023-38714 affects IBM Cloud Pak System versions 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1, with the issue described as disclosing sensitive information about the system that could aid in further attacks. The IBM secur...
CVE-2023-38716 IBM Cloud Pak System information disclosure
IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could disclose sensitive information about the system that could aid in further attacks against the system...
CVE-2024-55928
Summary: CVE-2024-55928 affects Xerox Workplace Suite. Public docs confirm the issue involves secrets exposed in clear text (locally and remotely) due to insecure handling, with the likely impact of unauthorized access to sensitive secrets. Affected product/details: Xerox Workplace Suite (print m...
How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots
The ticketing industry is under constant threat from malicious bots, with bad actors targeting these platforms for financial gain. Bots accounted for 31.1% of all traffic to entertainment platforms in 2024, with attacks ranging from scalping and credential stuffing to carding operations. When one...
2025-01 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5050186)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
Fortinet Releases Security Updates for Multiple Products
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Fortin...
CISA: 2022 ISC Annual Review
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
CISA: Extreme Weather Impacts
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
CISA: Security and Resiliency Guide - Lodging Annex
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
CVE-2024-47518
Specially constructed queries targeting ETM could discover active remote access sessions...
CVE-2024-12425
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font...
USN-7159-5: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2024-28140
CVE-2024-28140 describes a vulnerability in the Image Access Scan2Net scanner software where the device boots into kiosk mode and opens the Scan2Net interface in a browser window that runs with root privileges, with several other applications also running as root. The issue is evidenced by proces...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0016)
The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.92.3- memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021- ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819...
ALSA-2024:10282 Low: kernel-rt:4.18.0 security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: edia: dvbdev: fix a use-after-free CVE-2024-27043 kernel: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in...
CVE-2024-37070
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...