101 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-52595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly hand...
CVE-2025-46406
A Privilege Context Switching Error CWE-270 in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 MR1, 9.20 prio...
CVE-2025-46406
A Privilege Context Switching Error CWE-270 in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 MR1, 9.20 prio...
PT-2025-28974 · Unknown · Command Centre Server
Name of the Vulnerable Software and Affected Versions: Command Centre Server versions prior to 9.30.1874 MR1 Command Centre Server versions prior to 9.20.2337 MR3 Command Centre Server versions prior to 9.10.3194 MR6 Command Centre Server versions prior to 9.00.3371 MR7 Command Centre Server...
UBUNTU-CVE-2025-38188
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
CVE-2025-38188 drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
CVE-2025-38188
CVE-2025-38188 affects the Linux kernel DRM MSM (a7xx) path. The vulnerability arises from missing CP_RESET_CONTEXT_STATE handling when switching contexts, risking userspace submissions in one context causing another context to hang (DoS) without data leakage. The fix ensures CP_RESET_CONTEXT_STA...
CVE-2025-38188 drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
PoC exploit for CVE-2021-3493, an Ubuntu OverlayFS Local Privesc vulnerability. The target is the Linux kernel, specifically the overlayfs file system, which did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to...
PT-2025-18693 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.5.0 and earlier Description: The issue concerns a privilege context switching error in the PAM JIT feature of Devolutions Server. This error allows a PAM JIT account password to be improperly reset after usa...
Privilege Context Switching Error
Overview Affected versions of this package are vulnerable to Privilege Context Switching Error due to the injectPrimitives function not taking sandbox protection into account for folder-scoped libraries. A user with Item/Configure permission can bypass the sandbox to execute code in the Jenkins...
The vulnerability of Fortinet FortiClientWindows security devices, related to context switching privilege errors, allows attackers to elevate their privileges.
The vulnerability of Fortinet FortiClientWindows protection devices is related to context switching privilege errors. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Session Token Handler component of the software platform based on Git for collaborative code development on GitLab allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Session Token Handler component in the Git-based software development platform, which is used for collaborative code development on GitLab, is related to context switching errors during privilege handling. Exploiting this vulnerability can allow an attacker, operating...
The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting, related to context switching errors during privilege escalation, allows a perpetrator to elevate their privileges to the root level.
The vulnerability of the Dell PowerScale InsightIQ software for performance monitoring and reporting is related to context switching privilege errors. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...
CVE-2024-12570 Privilege Context Switching Error in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's CIJOBTOKEN to obtain a GitLab session token belonging to the victim...
PT-2024-10153 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 17.4.6 GitLab CE/EE versions 17.5 through 17.5.4 GitLab CE/EE versions 17.6 through 17.6.2 Description: An issue has been discovered in GitLab CE/EE that may have allowed an attacker with a victim's CI JOB...
GitLab 13.7 < 17.4.6 / 17.5 < 17.5.4 / 17.6 < 17.6.2 (CVE-2024-12570)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Privilege Context Switching Error in GitLab CVE-2024-12570 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...
PYSEC-2024-160
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...
DEBIAN-CVE-2024-52595
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...
CVE-2024-52595
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...