110 matches found
RHEL 9 : libxslt (RHSA-2026:6499)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6499 advisory. libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlyin...
Barracuda ESG TAR Filename Command Injection
This module exploits CVE-2023-2868, a command injection vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the ESG processes TAR file attachments - filenames containing shell metacharacters backticks are passed directly to shell commands during...
MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability
Microsoft is aware of vulnerabilities in the third party Agere Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the removal of agrsm64.sys and agrsm.sys drivers. The drivers have been removed in the January 2026 cumulative update. Soft mod...
CVE-2023-40434
A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access a user's Photos Library...
CVE-2023-40662
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15...
CVE-2023-45811
Synchrony deobfuscator is a javascript cleaner & deobfuscator. A proto pollution vulnerability exists in versions before v2.4.4. Successful exploitation could lead to arbitrary code execution. A proto pollution vulnerability exists in the LiteralMap transformer allowing crafted input to modify...
CVE-2023-54135
In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...
CVE-2023-53771
creationtimestamp| type| source ---|---|--- 2025-12-09 23:16:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7loh5iw3q2q...
CVE-2023-53848
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5lexitlog Commit b13015af94cf "md/raid5-cache: Clear conf-log after finishing work" introduce a new problem: // caller hold reconfigmutex r5lexitlog flushwork&log-disablewritebackwork...
BELL-CVE-2023-53761
Bulletin has no description...
CVE-2023-53785
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921usbsdiotxprepareskb calls mt7921usbsdiowritetxwi and mt7921skbaddusbsdiohdr, both of which blindly assume that adequate headroom will be available in the passed...
ROOT-OS-UBUNTU-2204-CVE-2023-25564 CVE-2023-25564 in rootio-gss-ntlmssp - Patched by Root
Root has patched CVE-2023-25564 in the rootio-gss-ntlmssp package for Root:Ubuntu:22.04. Multiple fixed versions available...
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat aka ALPHV ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator aka "Co-Conspirator 1" based ...
CVE-2023-53716
In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 "tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp." added a call to skborphanfragsrx to fix leaks with zerocopy skbs. But it ended up adding a leak of its own...
CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
CVE-2023-53393
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...
CVE-2023-53299
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio-remaining' for recovery raid10syncrequest will add 'r10bio-remaining' for both rdev and replacement rdev. However, if the read io fails, recoveryrequestwrite returns without issuing the write io, in...
CVE-2023-53300
In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846initcontrols hi846initcontrols doesn't clean the allocated ctrlhdlr in case there is a failure, which causes memleak. Add v4l2ctrlhandlerfree to free the resource properly...
CVE-2023-53271
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix unreferenced object reported by kmemleak in ubiresizevolume There is a memory leaks problem reported by kmemleak: unreferenced object 0xffff888102007a00 size 128: comm "ubirsvol", pid 32090, jiffies 4298464136 age...
CVE-2023-53204
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under spinlockunixgclock, but toomanyunixfds reads it locklessly. Let's annotate the write/read accesses to user-unixinflight. BUG: KCSAN: data-race in...