Privilege Escalation

kernel-rt is vulnerable to privilege escalation. The vulnerability exists due to certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value which allows an unprivileged user to send a Netlink message that is associated with iSCSI, and has...

OracleVM 3.4 : kernel-uek (OVMSA-2021-0008)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsitransport structure. When an iSCSI transport is registered with the iSCSI...

Linux kernel buffer overflow vulnerability (CNVD-2021-19422)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.11.3 and earlier, which stems from certain iSCSI data structures not having proper length constraints or checks. No...

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

CVE-2021-27365

CVE-2021-27365 affects the Linux kernel iSCSI subsystem. The issue is a heap overflow in iSCSI data handling where certain iSCSI data structures lack proper length checks and can exceed PAGE_SIZE; an unprivileged, local user can send a Netlink message (up to the maximum Netlink message length) an...

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.11.3 and earlier, which stems from certain iSCSI data structures not having proper length constraints or checks. No...

CVE-2020-35512

A use-after-free flaw was found in D-Bus Development branch = 1.13.16, dbus-1.12.x stable branch = 1.12.18, and dbus-1.10.x and older branches = 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in...

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution. The vulnerability exists through a use-after-free in the sound subsystem as card disconnection causes certain data structures to be deleted too early...

[SECURITY] Fedora 33 Update: perl-Convert-ASN1-0.27-21.fc33

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules...

Vulnerability of software packages for monitoring and data collection: MC Works64/MC Works32, FrameWorX server, centralized configuration environment for HMI-/SCADA applications, Platform Services software platform, GenBroker64/GenBroker32 application for managing access rights. This vulnerability allows a malicious actor to execute arbitrary code or trigger a service failure.

The vulnerabilities of the software packages for supervisory control and data collection, MC Works64/MC Works32, the FrameWorX server, the centralized configuration environment for HMI-/SCADA applications, the Platform Services software platform, and the GenBroker64/GenBroker32 application for...

Vulnerability of software packages for monitoring and data collection: MC Works64/MC Works32, FrameWorX server, centralized configuration environment for HMI-/SCADA applications, Platform Services software platform, GenBroker64/GenBroker32 application for managing access rights. This vulnerability allows a malicious actor to trigger a service failure.

The vulnerabilities of the software packages for supervisory control and data collection MC Works64/MC Works32, the FrameWorX server, the centralized configuration environment for HMI-/SCADA applications, the Platform Services software platform, and the GenBroker64/GenBroker32 application for...

[SECURITY] Fedora 33 Update: jctools-3.1.0-1.fc33

This project aims to offer some concurrent data structures currently missing from the JDK: =EF=BF=BD=EF=BF=BD SPSC/MPSC/SPMC/MPMC Bounded lock free queues =EF=BF=BD=EF=BF=BD SPSC/MPSC Unbounded lock free queues =EF=BF=BD=EF=BF=BD Alternative interfaces for queues =EF=BF=BD=EF=BF=BD Offheap...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as the code for the HFS and HFS Plus HFS+ file systems failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The ext2 and ext3 filesystem code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed...

CVE-2019-20637

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...

Nfstream - A Flexible Network Data Analysis Framework

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

drm graphics drivers -- potential information disclusure via local access

Intel reports: .A potential security vulnerability in IntelR Processor Graphics may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Description: Insufficient control flow in certain data structures for some IntelR Processors with IntelR...

Pbtk - A Toolset For Reverse Engineering And Fuzzing Protobuf-based Apps

Protobuf is a serialization format developed by Google and used in an increasing number of Android, web, desktop and more applications. It consists of a language for declaring data structures , which is then compiled to code or another kind of structure depending on the target implementation. pbt...