25 matches found
EUVD-2023-37227
Malicious code in bioql PyPI...
CVE-2023-33038
Memory corruption while receiving a message in Bus Socket Transport Server...
CVE-2025-27512
A flaw was found in Zincati, an auto-update agent for Fedora CoreOS hosts. This vulnerability may allow an unprivileged user with access to the system D-Bus socket to deploy older Fedora CoreOS versions, which may have other known vulnerabilities, and reboot the system into the deployed update vi...
CVE-2025-27512
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the zincati system user to use the actions org.projectatomic.rpmostree1.deploy to deploy updates to the system and org.projectatomic.rpmostree1.finalize-deployment to reboot the system into the...
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Impact Zincati ships a polkit rule which allows the zincati system user to use the following actions: - org.projectatomic.rpmostree1.deploy: used to deploy updates to the system - org.projectatomic.rpmostree1.finalize-deployment: used to reboot the system into the deployed update Since Zincati...
CVE-2025-27512 Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the zincati system user to use the actions org.projectatomic.rpmostree1.deploy to deploy updates to the system and org.projectatomic.rpmostree1.finalize-deployment to reboot the system into the...
CVE-2025-27512 Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the zincati system user to use the actions org.projectatomic.rpmostree1.deploy to deploy updates to the system and org.projectatomic.rpmostree1.finalize-deployment to reboot the system into the...
CVE-2023-33038
Memory corruption while receiving a message in Bus Socket Transport Server...
Memory corruption
Memory corruption while receiving a message in Bus Socket Transport Server...
CVE-2023-33038
CVE-2023-33038 refers to a memory corruption vulnerability in the Qualcomm Bus Socket Transport Server, triggered while receiving a message. Public documentation links this to Qualcomm’s January 2024 bulletin, which lists CVE-2023-33038 under closed‑source Qualcomm components and notes that patch...
CVE-2023-33038 Integer Overflow or Wraparound in Radio Interface Layer
Memory corruption while receiving a message in Bus Socket Transport Server...
CVE-2023-33038 Integer Overflow or Wraparound in Radio Interface Layer
Memory corruption while receiving a message in Bus Socket Transport Server...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when receiving messages in a bus socket transfer server...
PT-2024-12381 · Qualcomm · 315 5G Iot Modem Firmware +125
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs while receiving a message in the Bus Socket Transport Server. No information is provided about the...
Ubuntu 16.04 LTS / 18.04 LTS : IBus vulnerability (USN-4134-3)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4134-3 advisory. USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2...
USN-4134-3: IBus vulnerability
USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory...
USN-4134-3 ibus vulnerability
USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory...
gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. Note that the server socket...
Ubuntu 16.04 LTS / 18.04 LTS : IBus vulnerability (USN-4134-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4134-1 advisory. Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers t...
Ubuntu: Security Advisory (USN-4134-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...