80 matches found
[SECURITY] [DSA 5910-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5910-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 30, 2025 https://www.debian.org/security/faq -...
CVE-2024-26314
CVE-2024-26314 describes an ** Improper Privilege Management CWE-269** in Jungo WinDriver versions 6.0.0 through 16.1.0. The vulnerability allows a local attacker to escalate privileges and execute arbitrary code on affected systems. The root cause, as documented across multiple sources, is a pri...
CVE-2024-23234
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to execute arbitrary code with kernel privileges...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : NPM IP vulnerability (USN-6643-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6643-1 advisory. Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker...
[SECURITY] [DLA 3551-1] otrs2 security update
Debian LTS Advisory DLA-3551-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin August 31, 2023 https://wiki.debian.org/LTS Package : otrs2 Version : 6.0.16-2+deb10u1 CVE ID : CVE-2019-11358 CVE-2019-12248 CVE-2019-12497 CVE-2019-12746 CVE-2019-13458 CVE-2019-16375...
CVE-2023-39454
Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code...
CVE-2023-39454
Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code...
CVE-2022-44939
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...
CVE-2022-32948
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...
CVE-2021-40165
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-26776
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to lack of restrictions which allows an attacker to bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code...
Slackware: Security Advisory (SSA:2016-203-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-44630
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloudconfig/routerpost/modifyaccountpwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request...
CVE-2021-44142
An out-of-bounds heap read write vulnerability was found in Samba. Due to a boundary error when processing EA metadata while opening files in smbd within the VFS Samba module vfsfruit, a remote attacker with ability to write to file's extended attributes can trigger an out-of-bounds write and...
Adobe Acrobat and Reader Use After Free (APSB22-01: CVE-2021-44706)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
USN-5208-1: Linux kernel vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that a race condition existed in the...
Apache Log4j Message Lookup Substitution RCE (Log4Shell) (Direct Check)
Binary data apachelog4jjdnildapgeneric.nbin...
Integer overflow
An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via...
CVE-2021-34864
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...