Zoom Workplace VDI Client 6.6 < 6.6.11 Vulnerability (ZSB-26002)

The version of Zoom Workplace VDI Client installed on the remote host is between 6.6 and 6.6.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-26002 advisory. - Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2384)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-38999

The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

Design/Logic Flaw

The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-083)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-083 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw...

Design/Logic Flaw

In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915...

ASB-A-223072269

In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-22195

CVE-2022-22195 describes an Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved. An unauthenticated, network-based attacker can trigger a counter overflow, resulting in a Denial of Service (DoS). Affected: Junos OS Evolved — all versions before 20.4...

SUSE: Security Advisory (SUSE-SU-2015:1044-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft AutoUpdate for Mac Privilege Vulnerability

Microsoft AutoUpdate for Mac is an automatic update component for Mac. An elevation of privilege vulnerability exists in Microsoft AutoUpdate for Mac, which originates when the program fails to properly validate updates before executing them, and can be exploited by an attacker with the help of...

SUSE SLES12 Security Update : cups154 (SUSE-SU-2015:1044-2)

The following issues are fixed by this update : - CVE-2012-5519: privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server bsc924208. - CVE-2015-1158: Improper Update of Reference Count - CVE-2015-1159: Cross-Site Scripting Note that Tenable...

[slackware-security] cups

New cups packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/cups-1.5.4-i486-4slack14.1.txz: Rebuilt. This release fixes a security issue: CWE-911: Improper Update of...

SUSE SLED12 / SLES12 Security Update : cups (SUSE-SU-2015:1041-1)

The following issues are fixed by this update : - CVE-2012-5519: privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server bsc924208. - CVE-2015-1158: Improper Update of Reference Count - CVE-2015-1159: Cross-Site Scripting Note that Tenable...

Debian DLA-239-1 : cups security update

Two critical vulnerabilities have been found in the CUPS printing system : CVE-2015-1158 - Improper Update of Reference Count Cupsd uses reference-counted strings with global scope. When parsing a print job request, cupsd over-decrements the reference count for a string from the request. As a...

DLA-239-1 cups - security update

Bulletin has no description...

KLA10244 ACE vulnerability in LinkedIn Browser Toolbar

Improper update verification was found in the LinkedIn Browser Toolbar. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products LinkedIn-Internet-Explorer-Toolb...