32 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – If the new GSI Global Service Interface route prevents the IRQ being posted directly to a vCPU, then the IRTE should be reset to host control. The IRTE should also be restored to host control if it is in MSI mode or in...
UBUNTU-CVE-2026-6870
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6870
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992870)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992870 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host...
EUVD-2021-9437
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
Linux Distros Unpatched Vulnerability : CVE-2025-37885
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host control remapped or posted MSI mode if the new GSI route prevents...
Opencast still publishes global system account credentials
Description Opencast prior to versions 17.6 would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass when attempting to fetch mediapackage elements included in a mediapackage XML file. A previous...
GHSA-J63H-HMGW-X4J7 Opencast still publishes global system account credentials
Description Opencast prior to versions 17.6 would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass when attempting to fetch mediapackage elements included in a mediapackage XML file. A previous...
CVE-2023-21641
An app with non-privileged access can change global system brightness and cause undesired system behavior...
UBUNTU-CVE-2025-37885
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host control remapped or posted MSI mode if the new GSI route prevents posting the IRQ directly to a vCPU, regardless of the GSI routing typ...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
OESA-2023-1990 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead...
PT-2023-18305 · Qualcomm · Snapdragon +15
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: An app with non-privileged access can change global system brightness and cause undesired system behavior. Recommendations: At the moment, there is no information about a newer...
GHSA-C4JR-VJM4-27HQ Veracode Scan Jenkins Plugin vulnerable to information disclosure
Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations. Users are potentially affected if they: - are using Veracode Scan Jenkins Plugin prior to 23.3.19.0 - AND have configured Veracode Scan to run on...
CVE-2023-25721
Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...
SUSE CVE-2016-4082
epan/dissectors/packet-gsmcbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service out-of-bounds access and application crash via a crafted packet...
Information Disclosure
opencast-common is vulnerable to Information Disclosure. The attack is possible because the library does not restrict the file access and authenticate against external services listed in a media package, leading to disclose the global system user's credentials to the outside cluster...
Opencast publishes global system account credentials
The issue was mostly mitigated before, drastically reducing the risk. See references below for more information. Impact Opencast before version 10.6 will try to authenticate against any external services listed in a media package when it is trying to access the files, sending the global system...