38 matches found
CVE-2019-2191
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions:...
EUVD-2019-11833
Malware in sbrugna...
EUVD-2024-27384
Malicious code in bioql PyPI...
SUSE CVE-2023-4949
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub's XFS file system implementation...
CVE-2024-2433
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interfa...
CVE-2024-2433
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interfa...
CVE-2024-2433
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interfa...
CVE-2024-2433
CVE-2024-2433 describes an improper authorization vulnerability in Palo Alto Networks Panorama software where an authenticated read-only administrator can upload files via the web interface and fill a disk partition, leading to availability loss by blocking web login and PAN-OS downloads. Affecte...
PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interfa...
Palo Alto Networks PAN-OS 9.0.x < 9.0.17-h4 / 9.1.x < 9.1.17 / 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.3 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h4 or 9.1.x prior to 9.1.17 or 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. - An improper authorization vulnerability in Palo...
CVE-2024-23678
In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows...
Deserialization of untrusted data
In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows...
CVE-2024-23678 Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition
In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows...
Splunk Security Breach
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...
Splunk Enterprise 9.0.0 < 9.0.8, 9.1.0 < 9.1.3 (SVD-2024-0108)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0108 advisory. - In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input dat...
PT-2024-1283 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 Description: The issue is related to the incorrect sanitization of path input data, resulting in the unsafe deserialization of untrusted data from a separate disk partition on the...
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2
Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. Last week, we covered the basics of the exercise and achieving access to flash memory. In this post, we'll cover how to extract partition data. Extracting partition data The next step in our hands-on IoT hacking...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by the Linux Foundation's open-source operating system Linux.KVM is one of the kernel-based virtual machines. A denial of service vulnerability exists in Linux kernel, which stems from a lack of code cleanup when the deviceadd call fails when adding a partition to...
bpftool, kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2021:2314 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2019-2191
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions:...