14 matches found
KB5093998: Windows 11 version 23H2 Security Update (June 2026)
The remote Windows host is missing security update 5093998. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...
CVE-2023-40735
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON Architecture flaw allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21...
EUVD-2023-45289
Malicious code in bioql PyPI...
CVE-2025-54988 Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA
Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...
Ubuntu 24.04 LTS : Linux kernel (Azure, N-Series) vulnerabilities (USN-7468-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7468-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...
The vulnerability of the ALSA kernel component in Linux operating systems, which allows a hacker to cause a service failure
The vulnerability of the ALSA kernel component in Linux operating systems is related to incorrect blocking of resources in the function sndusx2ydisconnect. Exploiting this vulnerability can allow an attacker to cause a service failure...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from an improperly designed architecture, where out-of-bounds reads may occur. An attacker exploiting the vulnerability could gain access to...
CVE-2023-40735
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON Architecture flaw allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21...
CVE-2023-40735
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON Architecture flaw allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21...
CVE-2023-40735
CVE-2023-40735 concerns an exposure of sensitive information to an unauthorized actor in the BUTTERFLY BUTTON project (Butterfly Button). The issue is described as an architecture flaw that can compromise confidentiality and plausible deniability. The CVSS 3.1 metrics (NVD and CNA sources) assign...
CVE-2023-40735 Butterfly Button Project - Sensitive Information Disclosure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON Architecture flaw allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21...
CVE-2023-40735 Butterfly Button Project - Sensitive Information Disclosure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON Architecture flaw allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21...
PT-2023-27611 · Unknown · Butterfly Button
Name of the Vulnerable Software and Affected Versions: BUTTERFLY BUTTON affected versions not specified Description: The issue is related to an Exposure of Sensitive Information to an Unauthorized Actor vulnerability, which is caused by an architecture flaw. This flaw allows for the loss of...
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...