EUVD-2024-52766
Malicious code in bioql PyPI...
CVE-2024-55410
...
CVE-2024-55411
CVE-2024-55411 affects the SUNIX Multi I/O Card, specifically the snxpcamd.sys driver (v10.1.0.0). The vulnerability allows an attacker to perform arbitrary read and write actions by sending crafted IOCTL requests to the affected driver. The root cause is exploitation of IOCTL handling within snx...
CVE-2024-27834
CVE-2024-27834 is a WebKit-related vulnerability where an attacker with arbitrary read/write capability may bypass Pointer Authentication. The issue is identified across WebKitGTK/WebKit2GTK deployments and is addressed by updates across multiple ecosystems: Apple platforms: fixed in iOS 17.5/iPa...
Authentication flaw
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...
CVE-2022-48618
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...
CentOS 7 : kernel (RHSA-2023:5622)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5622 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and...
AlmaLinux 9 : kpatch-patch (ALSA-2023:3705)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3705 advisory. - A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-020)
The version of kernel installed on the remote host is prior to 5.15.110-70.143. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-020 advisory. A denial of service problem was found, due to a possible recursive locking scenario, resulting in a...
AlmaLinux 8 : kernel (ALSA-2023:3349)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3349 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...
AlmaLinux 8 : kernel-rt (ALSA-2023:3350)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3350 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...
Oracle Linux 8 : kernel (ELSA-2023-3349)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3349 advisory. - netfilter: nftables: deactivate anonymous set from preparation phase Florian Westphal 2196147 2196146 CVE-2023-32233 Tenable has extracted the preceding...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6123-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6123-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...