36 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG Scalable Vector Graphics CSS...
Foxit PDF Editor < 2025.2 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2025.2. It is, therefore affected by multiple vulnerabilities: - A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of ...
Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Google on Tuesday revealed that its large language model LLM-assisted vulnerability discovery framework identified a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 CVSS score: 7.2, is a memory...
IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
RHEL 4 : libpng (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libpng: memory corruption flaw CVE-2011-3048 - libpng: Out-of-bounds read in pngconverttorfc1123...
RHEL 5 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - coreutils: memory corruption flaw in parsedatetime CVE-2014-9471 - coreutils: race condition vulnerabilit...
CVE-2023-38409
A memory corruption flaw was found in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service. Mitigation Mitigation for this issue is to skip loading the affected module...
Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6134-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6134-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...
CVE-2023-1073
A memory corruption flaw was found in the Linux kernel’s human interface device HID subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
SUSE CVE-2016-4246
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-4172,...
NeedleDropper malware leverages a memory corruption flaw in Microsoft to disseminate
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new dropper strain dubbed NeedleDropper is used to distribute multiple malware families. The dropper attempts to obfuscate by dumping numerous useless, invalid files and storing critical data within...
Dell Hybrid Client 安全漏洞
Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. A security vulnerability previously existed in Dell Hybrid Client version 1.8, which stemmed from the inclusion of a guest user profile corruption...
CVE-2021-30917
A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big...
SUSE: Security Advisory (SUSE-SU-2018:1374-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices
Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. Tracked as CVE-2021-1844 , the vulnerability was discovered and reported to the company by Cléme...
Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser
Google released an update to its Chrome browser that patches a zero-day vulnerability in the software’s FreeType font rendering library that was actively being exploited in the wild. Security researcher Sergei Glazunov of Google Project Zero discovered the bug which is classified as a type of...
Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs
Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge. The Facetime bug CVE-2019-6223...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:1366-1) (Spectre)
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.131 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature in modern CPUs were mitigated, aka 'Spectre Variant 4' bnc1087082. A new boot...