88 matches found
Advisory ROSA-SA-2025-2733
Software: unbound 1.16.2 OS: ROSA Virtualization 3.0 packageevrstring: unbound-1.16.2-5.8.rv30 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic...
Advisory ROSA-SA-2025-2691
Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation ...
Advisory ROSA-SA-2025-2675
software: libssh2 1.10.0 OS: ROSA-CHROME packageevrstring: libssh2-1.10.0-3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process...
Advisory ROSA-SA-2025-2670
software: runc 1.1.7 OS: ROSA-CHROME packageevrstring: runc-1.1.7 CVE-ID: CVE-2024-21626 BDU-ID: 2024-00973 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Runc isolated container launch tool is related to a flaw in the controlled area delimitations of the system. Exploitation of the vulnerabili...
Advisory ROSA-SA-2025-2647
software: fuseiso 20070708 WASP: ROSA-CHROME packageevrstring: fuseiso-20070708-12 CVE-ID: CVE-2015-8836 BDU-ID: 2016-00922 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the isofsrealreadzf isofs.c function of the FuseISO disk image mount software tool is caused by an integer overflow...
Advisory ROSA-SA-2025-2617
software: openssl 1.1.1w OS: ROSA-CHROME packageevrstring: openssl-1.1.1.1w-3 CVE-ID: CVE-2023-5678 BDU-ID: 2023-08615 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DHgeneratekey function of the OpenSSL library is related to the generation of excessively long X9.42 DH keys. Exploitation of t...
Advisory ROSA-SA-2025-2616
software: opusfile 0.12 WASP: ROSA-CHROME packageevrstring: opusfile-0.12-3 CVE-ID: CVE-2022-47021 BDU-ID: 2023-00624 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the opgetdata and opopen1 opusfile.c functions in the xiph of the opusfile stream decoder library is related to null pointer...
usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
...
CVE-2024-28962
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...
PT-2024-22645 · Dell · Alienware Update Uwp +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update UWP versions prior to 5.4 Description: The issue is related to an Exposed Dangerous Method or Function, which could be exploited by an unauthenticated attacker with remote access,...
Low: vim
Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update software relates to a insecure operation at the mount point in the Windows operating system. This allows an attacker to delete arbitrary files.
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs is related to a unsafe operation at the mount point in the Windows operating system. Exploiting this vulnerability could allow an attacker to delete arbitrary files...
CVE-2023-28065
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...
Privilege escalation
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...
CVE-2023-28071
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...
Design/Logic Flaw
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...
CVE-2023-28071
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...
部分Dell产品 后置链接漏洞
Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in...
PT-2023-21527 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit thi...
Dell Command Update 后置链接漏洞
Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A security vulnerability exists in Dell Command Update, Dell Update, Alienware Update version 4.9.0 and prior versions. An attacker could exploit the vulnerability to create...