CVE-2024-22611

OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\CPharmacy.class.php and \openemr\controller.php...

USN-7407-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7392-3 linux-aws vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

Ubuntu 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-7381-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7381-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

USN-7387-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-7389-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7389-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

USN-7387-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

USN-7382-1 linux-oem-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

USN-7380-1 linux-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

The vulnerability of Zoom’s video conferencing software lies in the insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Zoom Workplace, SDK, Room clients, and Room controllers’ software relates to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-096)

The version of kernel installed on the remote host is prior to 5.4.290-205.405. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-096 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-085)

The version of kernel installed on the remote host is prior to 5.10.234-225.917. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-085 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...

The vulnerability of the command-line interface of SiPass IP access controllers allows attackers to execute arbitrary commands and gain unauthorized access to protected information.

The vulnerability of the command-line interface of SiPass IP access controllers is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands and gain unauthorized access to protected information...

Virtuozzo Hybrid Server 7.5 Update 7 Hotfix 3 (7.5.7-176)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 7 provides fixes for the c2v-convert tool and VirtIO SCSI controllers. Vulnerability id: PSBM-160763 Fixed an issue where the c2v-convert tool failed to convert a container if one of its disks did not have a mount point specified in the source...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to the improper validation of target registry domains during the token exchange process. An attacker can extract and misuse authentication tokens by directin...

Linux Distros Unpatched Vulnerability : CVE-2022-48982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the followi...

Linux Distros Unpatched Vulnerability : CVE-2021-47469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses Currently we have a global...

Linux Distros Unpatched Vulnerability : CVE-2023-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only...