952 matches found
CVE-2021-29396
Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication...
CVE-2021-32022
A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows versions versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system and gaining the ability to delete...
CVE-2020-3842
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges...
CVE-2011-4143
EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors...
CVE-2017-17674
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery SSRF, or remote code execution RCE...
USN-7517-2: Linux kernel (IBM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...
CVE-2025-37954
In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...
CVE-2025-37949
In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbusthread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:wakeupcommon+0x4c/0x180 Call Trace:...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7513-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7513-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
PT-2025-20888
Name of the Vulnerable Software and Affected Versions Bosch Infotainment ECU versions affected versions not specified Description The Infotainment ECU, manufactured by Bosch, utilizes an RH850 module for CAN communication. The RH850 module connects to the infotainment system via the INC interface...
CVE-2025-31238
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption...
USN-7496-4: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
Winning at All Cost: a Small Environment for Eliciting Specification Gaming Behaviors in Large Language Models
This study reveals how frontier Large Language Models LLMs can "game the system" when faced with impossible situations, a critical security and alignment concern. Using a novel textual simulation approach, we presented three leading LLMs o1, o3-mini, and r1 with a tic-tac-toe scenario designed to...
Ubuntu: Security Advisory (USN-7458-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-5VXX-C285-PCQ4 vulnerabilities
Vulnerabilities for packages: hubble-fips, hubble, hubble-ui-backend-fips...
CVE-2025-31343
creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01 2025-06-16 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-391/...
PT-2025-16332
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified o...
CVE-2025-27083
Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying...
CVE-2025-2782 WatchGuard Terminal Services Agent Local Privilege Escalation via Non-Standard Installation Directory
The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Terminal Services Agent: from...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7383-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7383-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...