PT-2022-2535 · Microsoft · Windows Kernel
Name of the Vulnerable Software and Affected Versions: Windows Kernel (affected versions not specified). Description: The issue is related to an elevation of privilege vulnerability in the Windows Kernel, caused by synchronization errors when using a shared resource. This could allow an attacker to...
PT-2022-2447 · Microsoft · Windows Digital Media Receiver
Name of the Vulnerable Software and Affected Versions: Windows Digital Media Receiver (affected versions not specified). Description: The issue is related to synchronization errors when using a shared resource in the Windows Digital Media Receiver component of the Windows operating system. This can...
PT-2022-2458 · Microsoft · Windows PlayTo Manager
Name of the Vulnerable Software and Affected Versions: Windows PlayTo Manager (affected versions not specified). Description: The issue is related to synchronization errors when using a shared resource in the Windows PlayTo Manager component. This can allow an attacker to elevate their privileges...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1668)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-33845
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors...
CVE-2021-39023
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213860...
GHSA-G8XG-JGJ6-49R3 Django is vulnerable to Denial of Service attack in formset
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter...
Medium: curl
Issue Overview: A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or...
Design/Logic Flaw
DISPUTED Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's responsibility to "enforce all the various ways a developer could write code with logic errors."...
PT-2022-3138 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to the implementation of the Kerberos network protocol authentication for the isolated software environment AppContainer in Windows operating systems, which is connecte...
GHSA-5CW4-GGX9-36VG Apache Tomcat Denial of Service via Malformed Request Headers
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-009)
The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-009 advisory. A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cau...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-006)
The version of kernel installed on the remote host is prior to 5.10.68-62.173. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-006 advisory. 2024-03-13: CVE-2021-46913 was added to this advisory. A flaw was found in the Linux kernel. When reusing ...
ASB-A-216481035
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...
Adobe Acrobat Classic 2020 Security Update (APSB22-16) - Windows
Adobe Acrobat is prone to multiple vulnerabilities. CPE = "cpe:/a:adobe:acrobatdcclassic";...
Adobe Acrobat 2017 Security Update (APSB22-16) - Windows
Adobe Acrobat Reader is prone to multiple vulnerabilities. CPE = "cpe:/a:adobe:acrobat";...
Adobe Acrobat Classic 2020 Security Update (APSB22-16) - Mac OS X
Adobe Acrobat is prone to multiple vulnerabilities. CPE = "cpe:/a:adobe:acrobatdcclassic";...
Adobe Acrobat DC Continuous Security Update (APSB22-16) - Windows
Adobe Acrobat Reader is prone to multiple vulnerabilities. CPE =...
Adobe Reader 2017 Security Update (APSB22-16) - Mac OS X
Adobe Acrobat Reader is prone to multiple vulnerabilities. CPE = "cpe:/a:adobe:acrobatreader";...
The vulnerability of the networkd-dispatcher component, which manages connection states in Linux operating systems, and is part of the Systemd subsystem responsible for service initialization and management, allows a malicious actor to escalate their privileges or execute arbitrary code.
The vulnerabilities of the networkd-dispatcher component, which manages connection states and initializes services within Systemd in Linux operating systems, stem from synchronization errors when using shared resources. Exploiting these vulnerabilities can allow attackers to increase their...