EUVD-2023-42337

Malicious code in bioql PyPI...

This Week in Spring - February 20th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you this fine 20th of February, 2024? I'm doing alright on this rainy 20th of Feburary here in San Francisco, and I hope you are too! We've got a ton of things to get into this week so let's dive right into it! Have y...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38538

The CVE-2023-38538 entry concerns WhatsApp (and related WhatsApp/Android ecosystems per connected records) with a race condition in an event subsystem that causes a heap use-after-free during established audio/video calls. The vulnerability can lead to app termination or unexpected control flow w...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

WhatsApp Competitive Conditions Issue Vulnerability

WhatsApp is a suite of mobile applications from the American company WhatsApp that use the Internet to send text messages. The application uses contact information in a smartphone to find contacts using the software to send text, images, etc. A security vulnerability exists in WhatsApp that stems...

ONAP DCAE Access Control Error Vulnerability

The ONAP DCAE is a data collection, analysis, and event subsystem within the ONAP Project's suite of ONAP network management platforms. An Access Control Error vulnerability exists in ONAP DCAE Dublin and prior versions that stems from an access control error in the program. An attacker could...

Apple iOS / macOS - Sandbox Escape due to Trusted Length Field in Shared Memory Exploit

Exploit for multiple platform in category dos / poc Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboard...

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboardd and on MacOS by hidd. The actual implementation is ...

Ubuntu Update for linux-lts-raring USN-2112-1

Check for the Version of linux-lts-raring OpenVAS Vulnerability Test $Id: gbubuntuUSN21121.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-lts-raring USN-2112-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This progra...

Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2112-1)

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Dave Jones and Vince Weaver reported a flaw in the Linux kernel's perf event subsystem that allows...