SUSE CVE-2021-29154

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0.1.6)

The version of AOS installed on the remote host is prior to 6.0.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0.1.6 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way i...

CVE-2022-2991

A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and...

Design/Logic Flaw

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 51537. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the LightNVM subsystem...

Microsoft Windows OpenType Font File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Microsoft Windows DirectComposition Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

The vulnerability of the Linux operating system’s kernel allows a hacker to execute arbitrary code within the kernel context.

The vulnerability of the Linux operating system’s kernel is related to incorrect calculations. Exploiting this vulnerability allows an attacker to execute arbitrary code within the kernel context...

UBUNTU-CVE-2021-38300

arch/mips/net/bpfjit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architectur...

Parallels Desktop Tools Integer Overflow Elevation of Privilege Vulnerability (CNVD-2021-34188)

Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in the Parallels Tools component of Parallels Desktop version 16.1.2-49151. The vulnerability stems from a lack of proper validation of user-supplied data. An attacker can exploit the...

CVE-2021-31425

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2021-29154

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...

CVE-2021-29154

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...

Apple macOS Kernel Command 0x10005 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

Microsoft Windows DirectComposition Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation...

Trend Micro Antivirus for Mac Error Message Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

(0Day) Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Realtek rtl81xx SDK Wi-Fi driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the...

(0Day) Realtek rtl81xx SDK Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Realtek rtl81xx SDK Wi-Fi driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the...

CVE-2020-17396

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...