The vulnerability of the microprogramming software for Quantum HD Unity Compressor, Quantum HD Unity AcuAir, Quantum HD Unity, Quantum HD Unity Engine Room, and Quantum HD Unity Interface allows a perpetrator to execute arbitrary commands.

The vulnerability of Microprogrammed Software for Quantum HD Unity Compressor, Quantum HD Unity AcuAir, Quantum HD Unity, Quantum HD Unity Engine Room, and Quantum HD Unity Interface exists due to the improper activation of debugging modes for certain services. Exploiting this vulnerability allow...

[SECURITY] Fedora 39 Update: gst-devtools-1.22.7-1.fc39

Development and debugging tools for GStreamer...

Bread - BIOS Reverse Engineering And Advanced Debugging

BREAD BIOS Reverse Engineering & Advanced Debugging is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code on real HW from another PC via serial cable. Introduction BREAD emerged from many failed attempts to reverse engineer legacy BIOS. Given that the vast majority -- ...

RHEL 9 : cups (RHSA-2023:6596)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6596 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups...

[SECURITY] Fedora 39 Update: gdb-13.2-10.fc39

GDB, the GNU debugger, allows you to debug programs written in C, C++, Fortran, Go, and other languages, by executing them in a controlled fashion and printing their data. If you want to use GDB for development purposes, you should install the 'gdb' package which will install 'gdb-headless' and...

First handset with MTE on the market

By Mark Brand, Google Project Zero Introduction It's finally time for me to fulfill a long-standing promise. Since I first heard about ARM's Memory Tagging Extensions, I've said to far too many people at this point to be able to back out… that I'd immediately switch to the first available device...

The vulnerability of multi-platform software for local development and website debugging, caused by buffer overflows, allows attackers to trigger service failures.

The vulnerability of multi-platform software for local website development and debugging is due to buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

Proof of concept for CVE-2023-4911 Looney Tunables This vu...

SUSE: Security Advisory (SUSE-SU-2023:4184-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:4185-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:4183-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4185-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-34323: Fixed a potential crash in C Xenstored due to an incorrect assertion XSA-440 bsc1215744. - CVE-2023-34326: Fixed a missing IOMMU TLB flush on x86 AMD systems with IOMMU hardware and PCI passthrough enabled XSA-442 bsc1215746. -...

SUSE-SU-2023:4184-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-34323: Fixed a potential crash in C Xenstored due to an incorrect assertion XSA-440 bsc1215744. - CVE-2023-34326: Fixed a missing IOMMU TLB flush on x86 AMD systems with IOMMU hardware and PCI passthrough enabled XSA-442 bsc1215746. -...

The vulnerability of the Junos Kernel Debugging Streaming Daemon (jkdsd) in Juniper Networks’ Junos operating systems allows a hacker to cause a service failure.

The vulnerability of the Junos Kernel Debugging Streaming Daemon jkdsd in Juniper Networks’ Junos operating systems is related to synchronization errors when using shared resources for processing telemetry data. Exploiting this vulnerability can allow a malicious actor to trigger service failures...

CVE-2023-4645

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the aiajax function. This can allow unauthenticated attackers to extract sensitive data such as post titles and slugs including those of protected posts along with their...

Design/Logic Flaw

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the aiajax function. This can allow unauthenticated attackers to extract sensitive data such as post titles and slugs including those of protected posts along with their...

CVE-2023-4645 Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai_ajax

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the aiajax function. This can allow unauthenticated attackers to extract sensitive data such as post titles and slugs including those of protected posts along with their...

Exploit for Out-of-bounds Write in Haxx Libcurl

CVE-2023-38545: Curl Vulnerability Proof of Concept This repos...

SUSE CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

Siemens SICAM A8000 Device CPCI85 Firmware Hardcoded Credentials Vulnerability

The SICAM A8000 RTU Remote Terminal Unit series is a modular family of devices for remote control and automation applications in all areas of energy supply. A hard-coded credentials vulnerability exists in the CPCI85 firmware of the Siemens SICAM A8000 device, which can be exploited by an attacke...