98 matches found
PT-2025-37691
Name of the Vulnerable Software and Affected Versions: linux affected versions not specified Description: The Linux kernel contains a flaw in the dmi-sysfs module related to a null-pointer dereference. A previous patch introduced kobject put to release memory, which calls dmi sysfs entry release...
subscription-manager bug fix and enhancement update
An update is available for subscription-manager. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The subscription-manager packages provide programs and libraries...
GSD-2022-1004051 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...
GSD-2022-1003972 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...
GSD-2022-1003865 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003542 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.122 by commit...
GSD-2022-1003283 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...
GSD-2022-1002987 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2022-1002623 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
Apache Struts 2.x < 2.3.15.2 Dynamic Method Invocation Multiple Vulnerabilities (S2-019)
The version of Apache Struts running on the remote host is 2.x prior to 2.3.15.2. It, therefore, is affected by multiple Dynamic Method Invocation DMI vulnerabilities as DMI is enabled by default. Note that Nessus has not tested for these issues but has instead relied only on the application's...
Linux RNG Flaws
Linux RNG flaws CVE-2018-1108 There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot. I'm sending this to [email protected] and Theodore Ts'o for now; it might make sense to also add Jason Donenfeld, since...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)
The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access bsc1052365. - CVE-2017-1000112: Fixed a race...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access bsc1052365. - CVE-2017-1000112: Fixed a race...
Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0036)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
VulnCheck KEV: CVE-2001-0236
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event...
CentOS 6 : kernel (CESA-2017:0036)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Apache Struts REST Plugin DMI Code Execution (CVE-2016-3087)
A code execution vulnerability exists in Apache Struts. The vulnerability is due the way the OGNL expressions are processed when DMI is enabled and the REST plugin is used. A remote attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitatio...
Immunity Canvas: STRUTS2_DMI_RCE
Name| struts2dmirce ---|--- CVE| CVE-2016-3081 Exploit Pack| CANVAS Description| struts2dmirce Notes| CVE Name: CVE-2016-3081 VENDOR: Apache NOTES: The JAR Server will listen on the port provided in the UI. However, if that port is unavailable, a random one will be chosen. Example vulnerable...
ByVejr - DMI - Yr - Vejret - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application ByVejr - DMI - Yr - Vejret published at the 'play' market has multiple vulnerabilities...
DMI Weather - Exported components, External URLs, WebView JavaScript enabled vulnerabilities
HackApp vulnerability scanner discovered that application DMI Weather published at the 'play' market has multiple vulnerabilities...