241 matches found
EUVD-2017-14633
Malware in sbrugna...
ROS-20250814-08
A vulnerability in the createInDir function of the glog library of the Golang programming language is related to reference handling errors. Exploitation of the vulnerability may allow an attacker to escalate privileges and gain unauthorized access to protected...
Amazon Linux 2 : soci-snapshotter (ALASDOCKER-2025-064)
The version of soci-snapshotter installed on the remote host is prior to 0.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-064 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line...
USN-7527-1: libfcgi-perl vulnerability
It was discovered that libfcgi-perl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
Ubuntu 18.04 LTS / 20.04 LTS : KiCad vulnerabilities (USN-7466-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7466-1 advisory. It was discovered that KiCad incorrectly handled memory when opening malicious files. An attacker could possibly use this issue to cause a...
A vulnerability in Zoom's video conferencing software for the macOS operating system, related to link handling errors, allows attackers to escalate their privileges.
The vulnerability of Zoom's software for conducting video conferences on the macOS operating system is related to errors in link handling. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
Linux Distros Unpatched Vulnerability : CVE-2024-42063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode. syzbot reported uninit memory usages during map_{lookup,delete}_elem. ========== BUG: KMSAN:...
The vulnerability of the password-changing function of the Cisco Firepower Management Center (FMC) software interface allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the password-changing function in the Cisco Firepower Management Center (FMC) software for network administration involves errors in handling requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20241015-05
A vulnerability in the Nano text editor is related to temporary file handling errors. Exploitation of the vulnerability could allow an attacker to affect data integrity...
PT-2024-6835 · Microsoft · Defender For Endpoint For Linux
Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Endpoint for Linux (affected versions not specified). Description: The issue is related to errors in handling relative directory paths, which can be exploited to conduct spoofing attacks. Recommendations: At the moment,...
ROS-20240816-15
A vulnerability in the PHP programming language interpreter is related to the erroneous handling of cookies due to the replacement of spaces, dots, and open square brackets with underscores. Exploitation...
The vulnerability of the pgAdmin 4 database management tool, related to permission handling errors, allows a hacker to execute arbitrary code.
The vulnerability of the pgAdmin 4 database management tool is related to permission handling errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the ThinServer component of the Rockwell Automation ThinManager application management platform allows an attacker to execute arbitrary code.
The vulnerability of the ThinServer component of Rockwell Automation’s centralized application management platform, ThinManager, relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL query...
The vulnerability of the do_directive() function in the YASM assembler allows an attacker to trigger a service failure.
The vulnerability of the do_directive() function in the YASM assembler is related to errors in memory handling. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20240409-09
A vulnerability in the yasm_section_bcs_first function of the YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service. A vulnerability in the expr_delete_term function of the YASM assembler is associated with an...
CVE-2023-52582 netfs: Only call folio_start_fscache() one time for each folio
In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache() one time for each folio. If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size. When we loop through the folios in...
Design/Logic Flaw
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
SUSE-SU-2023:4214-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Updated to version 115.4.0 ESR (bsc#1216338): - CVE-2023-5721: Fixed a potential clickjack via queued up rendering. - CVE-2023-5722: Fixed a cross-Origin size and header leakage. - CVE-2023-5723: Fixed unexpected errors when handling inval...
The vulnerability of the libxpc library in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS allows attackers to delete arbitrary files.
The vulnerability of the libxpc library in iPadOS, tvOS, iOS, watchOS, and macOS is related to permission handling errors. Exploiting this vulnerability could allow an attacker to delete arbitrary files...
The vulnerability of the user interface of ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, and ESET Security for Microsoft SharePoint Server allows attackers to increase their privileges.
The vulnerability of the user interface of ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microso...