CVE-2021-47350

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function isexecfault will return 'false' when an exec fault is taken by kernel, because the check i...

CVE-2021-47350 powerpc/mm: Fix lockup on kernel exec fault

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function isexecfault will return 'false' when an exec fault is taken by kernel, because the check i...

CVE-2021-47350

Affected software: Linux kernel on PowerPC. The issue stems from is_exec_fault() returning false for exec faults taken by the kernel, causing set_access_flags_filter() not to set PAGE_EXEC and leading to a perpetual minor exec fault. Root cause traced through a sequence of commits (notably d7df24...

PT-2024-14701 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the call usermodehelper exec function. The issue was introduced by a commit that rewrote the core freezer logic, which...

Unbreakable Enterprise kernel security update

5.15.0-206.153.7 - mmc: core: Initialize mmcblkiocdata Mikko Rapeli - ahci: asm1064: asm1166: don't limit reported ports Conrad Kostecki - mmc: core: Fix switch on gp3 partition Dominique Martinet - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory Michael Kelley -...

PT-2024-4755 · Docker · Docker Desktop

Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.31.0 Description: The issue is related to a configuration flaw in the exec-path Docker daemon config option, allowing a user in the docker-users group to cause a Windows Denial-of-Service in Windows containe...

CVE-2023-51619

D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

Veritas Backup Exec Remote Agent 21.0.x, 21.1.x, 21,2.x, 21,3.x, 21.4.x, 22.0.x, 22.1.x, 22.2.x Multiple Vulnerabilities

The version of Vertias Backup Exec Remote Agent installed on the remote Windows host is 21.0.x, 21.1.x, 21,2.x, 21,3.x, 21.4.x, 22.0.x, 22.1.x or 22.2.x prior to 22.2 HotFix 917391. It is therefore affectewd by multiple vulnerabilities: - An issue was discovered in Veritas Backup Exec before 22.2...

PT-2024-40714 · Git +1 · Pcre2

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to a crash type of Use-of-uninitialized-value. The crash state includes do callout jit and jit machine stack exec functions. Recommendations: At the moment, there i...

CVE-2024-33671

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files...

CVE-2024-33673

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path...

CVE-2024-33673

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path...

CVE-2024-33671

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files...

CVE-2024-33671

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files...

PT-2024-5139 · Tenda · Tenda Ax1806

Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: A critical issue was found in the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to a stack-based buffer overflow. It is possible to...

PT-2024-25431 · Veritas · Veritas Backup Exec

Name of the Vulnerable Software and Affected Versions: Veritas Backup Exec versions prior to 22.2 HotFix 917391 Description: An issue was discovered that allows for DLL Hijacking in the Windows DLL Search path due to improper access controls. Recommendations: For versions prior to 22.2 HotFix...

CVE-2024-33671

Summary: CVE-2024-33671 affects Veritas Backup Exec (before 22.2 HotFix 917391). The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to delete arbitrary files on protected files. Impact: highest concerns involve integrity and availability (I/H; A/H per metrics). Root cau...

CVE-2024-33673

CVE-2024-33673 affects Veritas Backup Exec before 22.2 HotFix 917391. The issue is improper access controls that enable DLL hijacking in the Windows DLL search path. CVSS v3.1 base score 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, and privileges required, no user interaction. Impa...

CVE-2024-33673

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path...

CVE-2024-33671

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files...