Missing Linux Kernel mitigations for 'GhostWrite' hardware vulnerability
The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-onl...
CVE-2025-57443
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements (allow-dyld-environment-variables, disable-library-validation) that allow unprivileged local attackers to inject code into the FrostWire process via the DYLD_INSERT_LIBRARIES environment variable. This allows escalated privileges t...
CVE-2025-4855
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...
CVE-2025-40670
CVE-2025-40670 affects TCMAN GIM v11. The vulnerability is an incorrect authorization flaw that allows an unprivileged attacker to create a user and assign it many privileges by sending a POST to /PC/frmGestionUser.aspx/updateUser. Affected software and component: TCMAN GIM v11, web-based user-ma...
CVE-2024-21982
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user...
CVE-2024-36586
An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...
CVE-2024-44067
The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite...
CVE-2024-44067
CVE-2024-44067 affects the T-Head XuanTie C910 (TH1520 SoC) and XuanTie C920 (SOPHON SG2042); an instruction in these CPUs allows unprivileged attackers to write to arbitrary physical memory (GhostWrite). Reported impact is high for confidentiality, integrity, and availability (CVSSv3.1: 8.4, Loc...
AdGuardHome privilege escalation vulnerability
An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...
CVE-2024-36586
AdGuardHome is affected by a privilege escalation vulnerability (CVE-2024-36586) affecting v0.93 to latest, described as unprivileged attackers escalating privileges by overwriting the AdGuardHome binary. Connected advisories (OSV GO-2024-2924 and GHSA-7JP9-VGMQ-C8R5, Veracode 47547, CNNVD, PT-20...
PT-2024-7966 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.0a Description: The issue is related to incorrect permissions set on files, including docker files, in Brocade SANnav. This allows an unprivileged attacker who gains access to the server to read sensitive...
Code injection
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user...
CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user...
GLSA-202401-08 : util-linux: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-08 util-linux: Multiple Vulnerabilities - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local...
CVE-2023-42118
An integer underflow flaw was discovered in libspf2 library which exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. This vulnerability allows...
CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure...