56 matches found
MiracleLinux 8 : microcode_ctl-20190618-1.20191115.3.el8 (AXEA:2020-144:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2020-144:03 advisory. - Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR...
MiracleLinux 7 : microcode_ctl-2.1-53.3.el7 (AXEA:2019-4383:06)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2019-4383:06 advisory. - Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; Intel...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003725)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003725 advisory. TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003131)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003131 advisory. Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to...
EUVD-2020-1963
Malware in sbrugna...
EUVD-2020-1594
Malware in sbrugna...
CVE-2023-21345
In Game Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21319
In UsageStatsService, there is a possible way to read installed 3rd party apps due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21296
In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-21303
In Content, here is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-52032
Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...
CVE-2024-52032
Mattermost CVE-2024-52032 affects Mattermost Server versions 10.0.x (up to 10.0.0) and 9.11.x (up to 9.11.2). The root cause is a failure to properly query Elasticsearch when performing channel-name lookups in the channel switcher while Elasticsearch v8 is enabled. This can allow an attacker to o...
Design/Logic Flaw
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to the disclosure of side-channel information in the BTMble.cc script BTMBleVerifySignature, which can be exploited by an attacker to gain elevated...
CVE-2023-21354
In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21327
In Permission Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21335
In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21326
In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21324
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21299
In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...