EUVD-2017-12323

Malware in sbrugna...

Oracle Linux 9 : kernel (ELSA-2024-0461)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0461 advisory. - nfp: fix use-after-free in areacacheget Ricardo Robaina RHEL-19456 RHEL-19536 RHEL-6566 RHEL-7241 CVE-2022-3545 - fbcon: setcon2fbmap needs to set...

SUSE-SU-2023:4345-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215095 -...

webkit: pointer authentication bypass

A vulnerability was found in Webkit. This flaw allows an attacker with arbitrary read and write capability to bypass pointer authentication...

GHSA-5V8V-GWMW-QW97 org.neo4j.procedure:apoc Path Traversal Vulnerability

Impact A Path Traversal Vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the expected directory. The vulnerability is such that files could only be created but not overwritten. For the...

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...

VulnCheck KEV: CVE-2017-3197

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

openSUSE Security Update : php5 (openSUSE-2016-1095)

This update for php5 fixes the following security issues : - CVE-2016-7124: Create an Unexpected Object and Don't Invoke wakeup in Deserialization - CVE-2016-7125: PHP Session Data Injection Vulnerability - CVE-2016-7126: selectcolors write out-of-bounds - CVE-2016-7127: imagegammacorrect allowed...

SUSE-SU-2016:2328-1 Security update for php53

This update for php53 fixes the following security issues: CVE-2014-3587: Integer overflow in the cdfreadpropertyinfo affecting SLES11 SP3 bsc987530 CVE-2016-6297: Stack-based buffer overflow vulnerability in phpstreamzipopener bsc991426 CVE-2016-6291: Out-of-bounds access in...

Internet Bug Bounty: imagegammacorrect allows arbitrary write access

Upstream Bug --- 2016-08-02 03:46 UTC https://bugs.php.net/bug.php?id=72730 Summary -- imagegammacorrect accepts two gamma values, if they don't have the same sign then the palette colors will be assigned values bigger than 0xFF, later this values are used to calculate the transparent color using...