Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2023-054 (ALASKERNEL-5.4-2023-054)

The version of kernel installed on the remote host is prior to 5.4.253-167.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2023-054 advisory. A use-after-free flaw was found in btrfssearchslot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This...

SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:3988-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3988-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

Amazon Linux 2 : kernel, --advisory ALAS2-2023-2268 (ALAS-2023-2268)

The version of kernel installed on the remote host is prior to 4.14.322-244.536. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2268 advisory. A flaw in the Linux Kernel found in the GFS2 file system. On corrupted gfs2 file systems the evict code can try to...

The vulnerability of the Sandbox component in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS allows a hacker to re-record any files they desire.

The vulnerability of the Sandbox component in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to overwrite arbitrary files...

SUSE-SU-2023:3971-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service bsc1203330. - CVE-2022-40133:...

SUSE-SU-2023:3969-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the...

CVE-2023-24287

A crafted save file can cause a buffer overrun in the Undead puzzle...

CVE-2023-24286

A crafted save file can cause a buffer overrun in the Mosaic puzzle...

CVE-2023-24291

A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...

CVE-2023-24288

A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...

CVE-2023-24284

A crafted save file can cause a buffer overrun in the Guess puzzle...

CVE-2023-24285

A crafted save file can cause a buffer overrun in the Netslide puzzle...

CVE-2023-24283

A crafted save file can cause a buffer overrun in the Guess puzzle...

SUSE-SU-2023:3964-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of...

The vulnerability of the SMTP protocol implementation in a mail server allows a hacker to execute arbitrary code.

The vulnerability of the SMTP protocol implementation in email servers is related to the execution of operations beyond the buffer boundaries in memory when processing requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Exim SMTP mail server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Exim mail server’s SMTP service is related to the issue of operations going beyond the buffer in memory when implementing a DNSDB-style search mechanism. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected...

The vulnerability of OPTEE, a microprogramming software component for MediaTek chips, allows attackers to enhance their privileges.

The vulnerability of OPTEE microprogramming software components in MediaTek’s chips relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-619L routers allows a hacker to induce a service failure.

The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-619L routers is related to the writing of data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerability of the SetAPLanSettings() function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a hacker to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster is related to the execution of operations outside the buffer in memory when processing XML data. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a intruder to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster is related to the execution of operations outside the buffer in memory when processing XML data. Exploiting this vulnerability allows a remote attacker to execute...