16 matches found
EUVD-2022-54676
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
EUVD-2024-53846
Malicious code in bioql PyPI...
ALSA-2025:7419 Important: mod_auth_openidc security update
The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak...
Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
Torward is an improved version based on the torghost-gn and darktor scripts, designed to enhance anonymity on the Internet. The tool prevents data leaks and forces all traffic from our computer to be routed exclusively through the Tor network, providing a high level of privacy in our connections...
Linux Distros Unpatched Vulnerability : CVE-2024-41079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words aka results for the command queue entry need to be set to 0 when th...
Linux Distros Unpatched Vulnerability : CVE-2024-46854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dpaa: Pad packets to ETHZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending...
CVE-2022-49556
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
SUSE-SU-2023:4130-1 Security update for grub2
This update for grub2 fixes the following issues: - CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. bsc1215935 - CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to leak sensitive information. bsc1215936...
ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand, can at the same time expose sensitive corpora...
CVE-2023-22469 Nextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There ar...
SUSE-SU-2020:14578-1 Security update for xen
This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...
ManageEngine DataSecurity Plus Authentication Bypass
XL-2020-002 - DataSecurity Plus Xnode Server - Authentication Bypass =============================================================================== Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3 score ------------------------------------------------...
ManageEngine DataSecurity Plus Path Traversal / Code Execution
XL-2020-001 - DataSecurity Plus Xnode Server - Remote Code Execution via Path Traversal =============================================================================== Identifiers ------------------------------------------------- CVE-2020-11531 XL-20-001 CVSSv3 score...
SUSE-SU-2018:2367-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-606466 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...
SUSE-SU-2016:2936-1 Security update for qemu
This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12 - Change package post script udevadm trigger calls to be device specific bsc1002116 - Address various security/stability issues Fix OOB access in xlnx.xpx-ethernetlite...
Former UCM Students Charged with Hacking and Data Theft
Two former University of Central Missouri students have been charged with hacking university databases, stealing confidential information, and attempting to sell it for profit. Joseph Camp and Daniel Fowler were indicted by a federal grand jury. They allegedly created a computer virus and spread ...