12 matches found
EUVD-2005-2071
Malware in sbrugna...
CVE-2025-0309
An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...
CVE-2023-2593
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system...
PT-2025-29047 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the kernel's ksmbd module where the free transport function for TCP connections can be invoked from smbdirect, potentially leading to a kernel oops. This issue has bee...
CVE-2020-25533
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Authentication in the RHEL UBI (CVE-2023-27538)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-27538 This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-27538 DESCRIPTION: cURL libcurl could allow a local attacker to bypass security restrictions,...
SUSE-SU-2023:4071-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. bsc1215861 - CVE-2023-3919...
Design/Logic Flaw
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with th...
Design/Logic Flaw
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...
The vulnerability of the URLConnection class in the Android operating system allows a hacker to inject arbitrary scripts or set arbitrary values in cookies.
The vulnerability of the HTTP header of the URLConnection class in the Android operating system exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to inject arbitrary scripts or set arbitrary values in cookies remotely...
security flaw
The checkconnection function in sqlparse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read...
spoofing.tcp.blind.linux.txt
Date: Tue, 9 Mar 1999 16:28:24 -0800 From: Security Research Labs To: [email protected] Subject: Linux Blind TCP Spoofing The following text is in the "iso-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. -----BEGIN PGP...