528 matches found
CVE-2025-20206
A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...
CVE-2025-20206
A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...
CVE-2025-20206
A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...
CVE-2025-20206 Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability
A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...
CVE-2025-20206
Cisco Secure Client for Windows is affected by an IPC channel vulnerability that could allow a local attacker with valid credentials to perform a DLL hijack and execute arbitrary code with SYSTEM privileges when the Secure Firewall Posture Engine (formerly HostScan) is installed. Root cause is in...
CVE-2025-27681
Vasion Print formerly PrinterLogic before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipcmsgalloc can potentially overflow leading to memory corruption. Add bounds checking using KSMBDIPCMAXPAYLOAD to avoid overflow...
CVE-2024-50564
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...
CVE-2024-50564
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...
CVE-2024-50564
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...
CVE-2024-50564
CVE-2024-50564 affects Fortinet FortiClientWindows across versions 6.4.x–7.4.0. The issue is a hard-coded cryptographic key used for interprocess communication via a monitored named pipe, which may enable a low-privileged user to decrypt IPC data. The vulnerability is documented as a local issue ...
CVE-2024-50564
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...
PT-2025-3867 · Unknown · Exelban Stats
Name of the Vulnerable Software and Affected Versions: exelban stats versions up to 2.11.21 Description: A critical issue has been found in the shouldAcceptNewConnection function of the XPC Service component, leading to command injection. This issue can be exploited locally. Recommendations: For...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect runtime state when the ivpuipcsendreceiveinternal function is executed before ivpupmenable...
AZL-55397 CVE-2025-23016 affecting package fcgi for versions less than 2.4.5-1
FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c...
UBUNTU-CVE-2025-23016
FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c...
SUSE CVE-2024-56540
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
CVE-2024-56540 accel/ivpu: Prevent recovery invocation during probe and resume
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
CVE-2024-53175 ipc: fix memleak if msg_init_ns failed in create_ipc_ns
In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...