CVE-2022-22566

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...

CVE-2022-20703

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...

Mageia: Security Advisory (MGASA-2015-0176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0298)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0235)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0146)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4950-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13054)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited to execute arbitrary...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

LSN-0084-1: Kernel Live Patch Security Notice

William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service system crash or execute arbitrary...

Ubuntu: Security Advisory (USN-5241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5210-2: Linux kernel regression | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled...

USN-5241-1: QtSvg vulnerabilities

It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary co...

Design/Logic Flaw

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-42013)

Summary IBM Rational Build Forge version 8.0.x is affected by CVE-2021-42013 Vulnerability Details CVEID: CVE-2021-42013 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system caused by a path traversal vulnerability related to an incomplete fix for...

Adobe Acrobat Reader DC buffer overflow vulnerability

Acrobat Reader DC is an excellent PDF file reader developed by the U.S. Adobe Acrobat Reader DC has a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code in the context of the current user...

CVE-2021-36417

A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gfisomdoviconfigget function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file...

USN-5217-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-4090 It was discovered that the eBPF implementation in th...

CVE-2021-36414

A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file...

CVE-2021-45980

Foxit PDF Reader and PDF Editor for macOS are affected by CVE-2021-45980 (pre-11.1). The vulnerability allows remote code execution through the getURL function in the JavaScript API. Exploitation details are not expanded beyond the remote code execution vector in the sources, so practical exploit...