147 matches found
Security Bulletin: Incorrect file permissions allows authenticated users to recover IPMI user passwords
Summary A flaw in the file permissions may expose IPMI user passwords. This may lead to privilege escalations. Vulnerability Details CVEID: CVE-2020-14156 DESCRIPTION: OpenBMC phosphor-host-ipmid could allow a remote authenticated attacker to bypass security restrictions, caused by the failure to...
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2336)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2336)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2246)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1977-1)
"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1977-1 advisory. - An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in aaauditruleinit in...
CVE-2021-20423
IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:1975-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1975-1 advisory. The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4982-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4982-1 advisory. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could u...
Ubuntu 21.04 : Linux kernel vulnerabilities (USN-4977-1)
The remote Ubuntu 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4977-1 advisory. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause...
Design/Logic Flaw
A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...
CVE-2020-25671
A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...
CVE-2020-25671
A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...
CVE-2020-25670
A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4948-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4948-1 advisory. Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a rin...
Check Point Identity Agent Arbitrary File Write Vulnerability
Check Point Identity Agent Arbitrary File Write Vulnerability Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Versio...
Who Contains the Containers?
Posted by James Forshaw, Project Zero This is a short blog post about a research project I conducted on Windows Server Containers that resulted in four privilege escalations which Microsoft fixed in March 2021. In the post, I describe what led to this research, my research process, and insights...
CVE-2020-25670
A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...
CVE-2020-25671
A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...
Cisco AnyConnect Privilege Escalations (CVE-2020-3153 and CVE-2020-3433)
The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility...
Citrix SD-WAN WANOP 10.2.x Multiple Vulnerabilities (CTX276688)
The remote Citrix SD-WAN WANOP device is version 10.2.x prior to 10.2.7, 11.0.x prior to 11.0.3d, 11.1.x prior to 11.1.1a. It is, therefore, affected by multiple vulnerabilities: - An authorization bypass vulnerability exists in Citrix SD-WAN WANOP devices. An unauthenticated, remote attacker wit...