Veeam Service Provider Console 安全漏洞

Veeam Service Provider Console is a cloud-enabled platform from Veeam USA. A security vulnerability exists in the Veeam Service Provider Console that stems from the use of an insecure deserialization method...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

VulnCheck KEV: CVE-2020-10684

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take...

DEBIAN-CVE-2022-48686

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the iowork loop when we set rdenabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted...

CVE-2023-27365

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27364

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27365

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27364

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27364

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

SUSE CVE-2024-27014

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

CVE-2023-27364 Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27365 Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27365 Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27364 Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27364

Foxit PDF Editor is affected by CVE-2023-27364: a remote code execution vulnerability in XLS file parsing due to insufficient restrictions on macro-enabled documents. An attacker can entice a user to open a malicious XLS or visit a malicious page, causing code execution in the target process. Use...

CVE-2023-27365

CVE-2023-27365 affects Foxit PDF Editor (and related Foxit PhantomPDF components) via a flaw in DOC file parsing where macro-enabled documents are not properly restricted. An attacker can trigger arbitrary code execution by convincing a user to open a malicious DOC/file or visit a malicious page,...

Exploit for Use After Free in Arm 5Th_Gen_Gpu_Architecture_Kernel_Driver

Exploit for CVE-2023-6241 The write up can be found hereh...

CVE-2024-27053 wifi: wilc1000: fix RCU usage in connect path

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ 333 N...

LoMag WareHouse Management 安全漏洞

LoMag WareHouse Management is a warehouse management software from LoMag. A security vulnerability exists in LoMag WareHouse Management version 1.0.20.120 and prior versions, which stems from a 10-character hard-coded password that is allowed by default...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...