15 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
An improper update of the reference count vulnerability in the net/sched component of the Linux kernel allows a local attacker to escalate privileges to root. This issue affects Linux Kernel versions prior to 5.18, as well as version 4.14 and later versions...
EUVD-2017-14879
Malware in sbrugna...
EUVD-2004-0967
Malware in sbrugna...
CVE-2024-4568
In Xpdf 4.05 and earlier, a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow...
CVE-2024-32764
A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud...
OESA-2024-1364 rubygem-activestorage security update
Attach cloud and local files in Rails applications. Security Fixes: Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cooki...
Privilege escalation
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later...
CVE-2023-5722
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox 119...
PT-2023-1063 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 20.2R3-S5 Juniper Networks Junos OS on MX Series version 20.3R1 and later versions Description: A Missing Release of Memory after Effective Lifetime issue in the Juniper Networks Junos ...
Apple iOS和Apple iPadOS 缓冲区错误漏洞
Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. A buffer error vulnerability exists in WebKit before Apple iOS 15.4 and iPadOS 15.4, which stems from the fact that processing...
PT-2021-21063 · Zephyr · Zephyr
Name of the Vulnerable Software and Affected Versions: Zephyr versions 2.5.0 and later Description: The issue is related to Buffer Access with Incorrect Length Value in Zephyr, which is described as CWE-805. This problem affects Zephyr versions 2.5.0 and later. Recommendations: For Zephyr version...
PT-2021-22742 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.0 and later Description: The issue arises when an admin uses the impersonate feature twice and then stops impersonating. This may cause the admin to be logged in as the second user they impersonated, potentially leadin...
About the security content of watchOS 6.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of iTunes 12.10.5 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
CVE-2019-1010294
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...