Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xHCI: Corruption of the command ring pointer occurred during command aborts. The command ring pointer is located at bits 6:63 of the command ring control register CRCR. All control bits, such as those related to command stopping...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswephaslimitsbox pcigetdevice will increase the reference count for the returned 'dev'. We need to call pcidevput to decrease the reference count. Since 'dev' is only used in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990629 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988800 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990010)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990010 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987521 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

SUSE CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the icomprobe function that can lead to resource consumption when pcireadconfigdword fails...

SUSE CVE-2021-47434

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at 6:63 bits of the command ring control register CRCR. All the control bits like command stop, abort are located at 0:3 bits...

CVE-2021-47434

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at 6:63 bits of the command ring control register CRCR. All the control bits like command stop, abort are located at 0:3 bits...

kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswephaslimitsbox pcigetdevice will increase the reference count for the returned 'dev'. We need to call pcidevput to decrease the reference count. Since 'dev' is only used in...

Memory corruption

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...

cloudcmd (>=5.0.5 <=9.3.2), console-io (>=2.5.2 <=5.0.0) +22 more potentially affected by unknown CVE via ponse (>=1.0.1 <=1.6.1)

ponse NPM version =1.0.1, =5.0.5, =2.5.2, =0.0.0, =0.1.0, =2.7.4, =0.3.0, =1.0.0, =1.0.0, =0.0.1, =0.2.0, =1.0.0, =1.0.0, =1.0.9, =1.0.0, =1.0.0, =1.3.6 and more Source cves: unknown CVE Source advisory: OSV:GHSA-WFHX-6PCM-7M55...

Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption

Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...

CVE-2018-18537

The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address...

Path traversal

The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address...

CVE-2018-6851

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DWORD 0 will be written t...

DEBIAN-CVE-2018-7757

Memory leak in the sassmpgetphyevents function in drivers/scsi/libsas/sasexpander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service memory consumption via many read accesses to files in the /sys/class/sasphy directory, as demonstrated by the...

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb' require 'rubysmb/smb1/packet' class MetasploitModule 'MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption', 'Description' = %q This module is...

jetAudio 8.1.3 Basic (mp3) - Crash POC

Exploit for windows platform in category dos / poc Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable...