137 matches found
PT-2025-44136
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel's NTFS3 subsystem related to integer overflow in the run unpack function. The run unpack function decodes compressed runlist data from MFT attributes,...
EulerOS 2.0 SP13 : grub2 (EulerOS-SA-2025-1990)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.CVE-2024-49504 Tenable has extracted the preceding...
[SECURITY] Fedora 42 Update: udisks2-2.10.90-3.fc42
The Udisks project provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies...
CVE-2023-25953
Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LIN...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2021-30856
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences...
CVE-2024-56142 Path Traversal in pghoard
pghoard is a PostgreSQL backup daemon and restore tooling that stores backup data in cloud object stores. A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on th...
PGHoard Path Traversal vulnerability
A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information...
PT-2024-36724
Name of the Vulnerable Software and Affected Versions pghoard versions prior to 2.2.2a Description A vulnerability has been discovered in pghoard that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending o...
GHSA-2X2G-32R7-P4X8 Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also...
CVE-2024-31141
CVE-2024-31141 affects Apache Kafka Clients (2.3.0–3.7.0, including 3.5.2 and 3.6.2) with ConfigProvider plugins that read from disk or environment variables via FileConfigProvider/DirectoryConfigProvider/EnvVarConfigProvider. The root cause is improper privilege management that allows untrusted ...
PT-2024-12023 · Diebold Nixdorf · Vynamic Security Suite
Name of the Vulnerable Software and Affected Versions: Diebold Nixdorf Vynamic Security Suite VSS versions prior to 3.3.0 SR4 Description: The issue arises from the failure to validate /etc/initab during the Pre-Boot Authorization PBA process. This can be exploited by a physical attacker who is...
SUSE CVE-2022-48753
In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in diskregisterindependentaccessranges kobjectinitandadd takes reference even when it fails. According to the doc of kobjectinitandadd If this function returns an error, kobjectput must be called to properl...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2023-42913
CVE-2023-42913 affects macOS Sonoma 14.2 where remote Login sessions may obtain full disk access due to an issue in state management. Apple and Red Hat/NVD references indicate the vulnerability is addressed in macOS Sonoma 14.2 (with fixes applied to Remote Login/session handling). The root cause...
PT-2024-8692
Name of the Vulnerable Software and Affected Versions Apache Kafka Clients versions 2.3.0 through 3.7.1 Description The issue is related to improper privilege management in Apache Kafka Clients, allowing attackers to access arbitrary contents of the disk and environment variables. This can be...
Apple macOS Sonoma 安全漏洞
Apple macOS Sonoma is a desktop operating system from Apple, Inc. A security vulnerability exists in Apple macOS Sonoma version 14.2, which stems from a remote login session that may be able to gain full disk access...