Fedora 37 : kernel (2023-d9509be489)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d9509be489 advisory. The 6.4.10 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Fedora 38 : kernel (2023-ee241dcf80)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ee241dcf80 advisory. The 6.4.10 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Huawei HarmonyOS Input Method Module Authorization Issue Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an authorization issue vulnerability that stems from insufficient privilege checks in the Input Method module. An attacker can...

Moq v4.20.0-rc to 4.20.1 share hashed user data

Moq v4.20.0-rc to 4.20.1 include support for SponsorLink, which runs an obfuscated DLL at build time that scans local git config data and shares the user's hashed email address with SponsorLink's remote servers. There is no option to disable this. Moq v4.20.2 has removed this functionality...

GHSA-6R78-M64M-QWCF Moq v4.20.0-rc to 4.20.1 share hashed user data

Moq v4.20.0-rc to 4.20.1 include support for SponsorLink, which runs an obfuscated DLL at build time that scans local git config data and shares the user's hashed email address with SponsorLink's remote servers. There is no option to disable this. Moq v4.20.2 has removed this functionality...

Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization

Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue to progress their attacks in these environments, not by exploiting vulnerabilities, but by abusing native Microsoft functionality ...

NVIDIA D3D10 Driver Shader Functionality dcl_input index memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1720 NVIDIA D3D10 Driver Shader Functionality dclinput index memory corruption vulnerability August 10, 2023 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality of NVIDIA D3D10 Driver NVIDIA D3D10 Driver,...

replaceMember and rotateMember redundancy

Lines of code Vulnerability details Impact The replaceMember and rotateMember functions have identical functionality which may lead to redundancy and confusion. Proof of Concept Both the replaceMember and rotateMember functions essentially perform the same action: replacing a current member...

Absence of zero address checks for roles passed to the initialize function.

Lines of code Vulnerability details Impact The initialize function accepts various roles as part of the roles parameter SecurityCouncilManagerRoles. However, it doesn't validate whether any of these role addresses are set to the zero address address0. This omission might result in inadvertently...

PROPOSAL DEADLINE IS NOT CHECKED DURING VOTE CASTING IN _countVote FUNCTION

Lines of code Vulnerability details Impact The SecurityCouncilNomineeElectionGovernorCountingUpgradeable is an abstract contract which is inherited by the SecurityCouncilNomineeElectionGovernor contract. The SecurityCouncilNomineeElectionGovernorCountingUpgradeable.countVote function is responsib...

NVIDIA D3D10 Driver Shader Functionality undeclared dcl_output memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1719 NVIDIA D3D10 Driver Shader Functionality undeclared dcloutput memory corruption vulnerability August 10, 2023 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader functionality of NVIDIA D3D10 Driver NVIDIA D3D10 Drive...

Exploit for Missing Authentication for Critical Function in Properfraction Profilepress

CVE-2021-34621 ProfilePress 3.0 - 3.1.3 - Unauthenticated Priv...

CVE-2023-24471

An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normal...

Improper access control

An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normal...

CVE-2023-24471

CVE-2023-24471 is a vulnerability in Nozomi Networks Guardian/CMC prior to version 22.6.2 where access-control restrictions on actual assertions are not enforced in the debug functionality. An authenticated user with reduced visibility can access data normally restricted in the Query and Assertio...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

Microsoft Windows Windows Smart Card Resource Management Server Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Smart Card Resource Management Server. An attacker could exploit this vulnerability to bypass certain functionality. The following...

CVE-2023-4147

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTARULECHAINID. This flaw allows a local user to crash or escalate their privileges on the system...

CVE-2023-4147

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTARULECHAINID. This flaw allows a local user to crash or escalate their privileges on the system...

Design/Logic Flaw

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits -...