Linux kernel 安全漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory overwrite vulnerability exists in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in Linux kernel...

FalconEye - Real-time detection software for Windows process injections

FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening real-time. Since FalconEye runs in kernel mode, it provides a stronger and reliable defense against process injection...

PT-2021-7997

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the calculation of report length in the hid submit ctrl function, which does not account for the possibility of a zero-sized report. When a report of size 0 is...

CVE-2021-30464

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

CVE-2021-30464

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

Code injection

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

CVE-2021-30464

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

CVE-2021-30464

OMICRON StationGuard prior to version 1.10 is affected (CVE-2021-30464). The vulnerability allows remote attackers to cause a denial-of-service (connectivity outage) by sending crafted TCP packets to the CTRL Ethernet port (TCP/20499). No explicit exploit details are provided in the documents, an...

OMICRON StationGuard 资源管理错误漏洞

OMICRON StationGuard is an application from OMICRON Austria. It is used for network monitoring. A security vulnerability exists in OMICRON StationGuard versions prior to 1.10, which allows remote attackers to send a denial of service connection drop via a crafted tcp 20499 packet to the CTRL...

EulerOS Virtualization for ARM 64 3.0.5.0 : xorg-x11-server (EulerOS-SA-2020-1062)

According to the versions of the xorg-x11-server packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An incorrect permission check for -modulepath and -logfile options when starting Xorg X server allows...

EulerOS 2.0 SP8 : xorg-x11-server (EulerOS-SA-2020-1037)

According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as...

Vulnerability of the `sof_set_get_large_ctrl_data()` function (sound/soc/sof/ipc.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the sofsetgetlargectrldata function sound/soc/sof/ipc.c in the Linux kernel involves uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVE-2019-15803

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fdssyspassDebugPasswdret. The...

Debian DSA-4469-1 : libvirt - security update

Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API...

CVE-2018-20839

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE aka current keyboard mode check is mishandled...

CVE-2018-20839

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE aka current keyboard mode check is mishandled...

SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2019:0539-1)

This update for freerdp to version 2.0.0rc4 fixes the following issues : Security issues fixed : CVE-2018-0886: Fix a remote code execution vulnerability CredSSP bsc1085416, bsc1087240, bsc1104918 CVE-2018-8789: Fix several denial of service vulnerabilities in the in the NTLM Authentication modul...

Repeat Ctrl down/up events sent to software on Linux VDA from Citrix Workspace App for Windows when holding down Ctrl key

There is a keyboard-related issue with the Linux VDA. If you hold down the Ctrl key when connected to the Linux VDA from Citrix Workspace Appfor Windows, you send repeat Ctrl down/up events to the software on the Linux VDA, which is expecting a single Ctrl Down event. If you hold down the Ctrl ke...

Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview

up is the Ultimate Plumber , a tool for writing Linux pipes in a terminal-based UI interactively, with instant live preview of command results. The main goal of the Ultimate Plumber is to help interactively and incrementally explore textual data in Linux, by making it easier to quickly build...

Updated bluez packages fix security vulnerability

A buffer overflow in pincodereplydump function CVE-2016-9800. A buffer overflow in setextctrl function CVE-2016-9801. A buffer overflow in commandsdump function CVE-2016-9804...