85 matches found
CVE-2023-53625
CVE-2023-53625 : In the Linux kernel, the vgpu debugfs cleanup path for drm/i915/gvt could dereference a null or destroyed debugfs root while destroying a virtual GPU, causing a kernel NULL pointer dereference and an oops. The issue occurs in remove paths where the drm minor’s debugfs root may al...
EUVD-2001-0521
Malware in sbrugna...
EUVD-2023-59927
Malicious code in bioql PyPI...
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
...
Linux Distros Unpatched Vulnerability : CVE-2008-4996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor...
CVE-2025-38596
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthor_gem_create_with_handle debugfs code The object is potentially already gone after the drm_gem_object_put. In general the object should be fully constructed before calling drm_gem_handle_create, except the...
Linux Distros Unpatched Vulnerability : CVE-2023-49088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables ...
CVE-2024-25844
An issue was discovered in the Common-Services "So Flexibilite" soflexibilite module for PrestaShop before version 4.1.26 that allows remote attackers to escalate privileges and obtain sensitive information via debug file...
CVE-2023-53097
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup When calling debugfs_lookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove instead...
CVE-2023-53050
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4-margining needs to be released for the upstream port of the router as well, even though the debugfs directory gets released with the router device removal. Fix this...
Linux Distros Unpatched Vulnerability : CVE-2024-26940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed The driver creates...
U.S. Dept Of Defense: Exposure of Sensitive Debug File Containing database dump with passwords in plain text
A publicly accessible debug file was discovered, exposing sensitive database credentials including usernames and passwords in plaintext. The file contained information such as the database name, type, and server...
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines is related to an ASP.NET configuration error. Creating a binary debug file allows a malicious actor to gain unauthorized access to confidential information.
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines is related to an error in ASP.NET configuration: the creation of a binary debug file. Exploiting this vulnerability can allow attackers to gain unauthorized access to confidential information...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50268)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50268 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds ...
CVE-2022-48063
...
WordPress Easy WP SMTP Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Easy WP SMTP Password Reset', 'Description' = %q Wordpress plugin Easy WP SMTP versions 'h00die', msf module this was an 0day , 'Licens...
DEBIAN-CVE-2024-42091
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid future use case and will cause NPD when...
The vulnerability affects the file function /tmp/out of the Tesseract component of the software suite for processing, transforming, and generating Ghostscript documents. This vulnerability allows an attacker to gain unauthorized access to protected information.
The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through...
USN-6878-1: Linux kernel (Oracle) vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...
Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6878-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6878-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...