29 matches found
DEBIAN-CVE-2024-42312
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...
kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group The DisplayPort driver's sysfs nodes may be present to the userspace before typecaltmodesetdrvdata completes in dpaltmodeprobe. This...
CVE-2023-22836
In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes a group name from the default value, the renamed value may be visible to the rest of the stack’s tenants...
Palantir Foundry Security Breach
Palantir Foundry is a business process management platform from US-based Palantir. A security vulnerability exists in Palantir Foundry Guardian versions prior to 2.278.0. An attacker who exploited the vulnerability to change the group name of a default value, the renamed value could be visible to...
Advantech R-SeeNet 安全漏洞
Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...
Design/Logic Flaw
ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges member is able to upload this. It is possible to bypass the MIME type check and file-extension check...
SNMP Default Group Name Vulnerability in Fibre Channel Switch SW200 Devices
This product is a Fibre Channel switch. An SNMP default group name vulnerability exists in the Fibre Channel Switch SW200 device. An attacker can exploit the vulnerability to obtain sensitive system information, posing information leakage and operational security risks...
MGASA-2013-0263 Updated 389-ds-base packag fixes security vulnerabilies and incorrect group usage
Updated 389-ds-base packages fix security vulnerabilities: It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker with permission to query the Directory Server could use this flaw to determine th...
ipa security, bug fix and enhancement update
3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...