The vulnerability of VMware Fusion’s hypervisor is related to synchronization errors when using shared resources, allowing attackers to increase their privileges.

The vulnerability of VMware Fusion relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

Mozilla Firefox Buffer Error Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 119, which originates from the presence of memory security errors, the exploitation of which may lead to arbitrary code execution...

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the MX Series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Junos OS routers of the MX Series is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS-based routers of the QFX5000 Series allows a attacker to induce a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS-based QFX5000 Series routers is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to trigger service interruptions...

Advisory ROSA-SA-2023-2266

software: sqlite 3.41.2 OS: ROSA-CHROME packageevrstring: sqlite-3.41.2-1.src.rpm CVE-ID: CVE-2022-46908 BDU-ID: 2023-05686 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the command line interface of the SQLite database management system is related to implementation errors in the...

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to errors in processing input data, allows a perpetrator to cause service interruptions.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Ubuntu 16.04 ESM : FFmpeg vulnerabilities (USN-5167-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5167-1 advisory. It was discovered that FFmpeg did not properly verify certain input when processing video and audio files. An attacker could possibly use this to send...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.

The vulnerability of the Gopher network protocol implementation in Squid proxy servers is related to pointer dereferencing errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...

BIT-2023-42780

Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dagids and the stack-traces of import errors for those DAGs with import...

The vulnerability of the Core server component of Oracle WebLogic Server allows a hacker to execute arbitrary code.

The vulnerability of the Core server component of Oracle WebLogic Server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by injecting specially crafted messages via T3 and IIOP protocols...

The vulnerability of the Windows Error Reporting error reporting service on Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Windows Error Reporting registration service on Windows operating systems arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the `make_tempdir` and `make_tempname` functions in the GNU Binutils development tool allows a attacker to cause a service failure.

The vulnerability of the maketempdir and maketempname functions in the GNU Binutils development tool set is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the pr_function_type function in the GNU Binutils development environment, which allows a hacker to trigger a service failure.

The vulnerability of the prfunctiontype function in the GNU Binutils development environment is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Windows Graphics component of the Windows operating system, which allows a hacker to exploit their privileges

The vulnerability of the Windows Graphics component of the Windows operating system is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Win32k.sys component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component of the Windows operating system is related to synchronization errors when using common resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Routing Protocol Demon (RPD) in Juniper Networks’ Junos OS and Junper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Demon RPD in Juniper Networks’ Junos OS and Junper Networks’ Junos OS Evolved operating systems is related to syntax validation errors in input verification. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

PT-2023-6373 · Wago · Wago

Name of the Vulnerable Software and Affected Versions: Wago products affected versions not specified Description: The issue allows a remote attacker with administrative privileges to access files through an undocumented local file inclusion. This access is logged in a different log file than...

PYSEC-2023-202

Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dagids and the stack-traces of import errors for those DAGs with import...

PYSEC-2023-202

Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dagids and the stack-traces of import errors for those DAGs with import...