CVE-2023-50737 An input validation vulnerability in the SE Menu allows an attacker to execute arbitrary code.
The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in one of the SE menu routines can be leveraged by an attacker to execute arbitrary code...
Apache Superset information disclosure vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from a security vulnerability that originates from the ability of an authenticated user to generate specially crafted SQL statements to trigger database errors and expose...
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses lies in synchronization errors when using shared resources, allowing attackers to escalate their privileges.
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges through a specially created link...
The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
CVE-2021-46945
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...
CVE-2021-46945
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount...
UBUNTU-CVE-2021-46945
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...
CVE-2021-46945 ext4: always panic when errors=panic is specified
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...
USN-6663-1 openssl update
As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that results from a panic always occurring when errors=panic is specified...
ROS-20240226-01
A vulnerability in the must_mkdir_and_open_with_perms function of the snap-confine utility is related to synchronization errors when using a shared resource (a race condition). Exploitation of the vulnerability could allow an attacker to escalate privileges or execute arbitrary code...
The vulnerability of the FactoryTalk service platform’s web interface, which allows attackers to escalate their privileges
The vulnerability of the FactoryTalk service platform’s web interface is related to errors in granting permissions during program execution. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
PT-2024-40388 · Pypi · Pypop
Name of the Vulnerable Software and Affected Versions: PyPop versions prior to 1.0.2 Description: Code scanning revealed a possible issue in C extensions for PyPop, involving incorrect function calls, such as missing arguments or wrongly typed arguments, and redundant null pointers...
DEBIAN-CVE-2023-52458
In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If the logical block siz...
AZL-35089 CVE-2023-3966 affecting package openvswitch for versions less than 3.3.0-1
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
GHSA-8XFF-473H-F863 Uncaught Exception Handling Parsing Errors on Line Terminators
The span rendering would panic when handling failed parsing of queries where the error occurred on a line terminator character. Impact A client that is authorized to run queries in a SurrealDB server is able to execute a malformed query which will fail to parse on a line terminator character and...
Uncaught Exception Handling Parsing Errors on Line Terminators
The span rendering would panic when handling failed parsing of queries where the error occurred on a line terminator character. Impact A client that is authorized to run queries in a SurrealDB server is able to execute a malformed query which will fail to parse on a line terminator character and...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to bypass security restrictions
The vulnerability of the Windows operating system’s kernel is related to security configuration errors. Exploiting this vulnerability can allow a hacker to bypass security restrictions...
The vulnerability of the Windows Hyper-V hardware virtualization system allows an attacker to trigger a service failure.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...