CVE-2017-17173

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356C00 has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter t...

CVE-2017-17173

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356C00 has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter t...

Safe'N'Sec SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure and SoftControl/SafenSoft Enterprise Unauthorized Operation Vulnerabilities

Safe'N'Sec SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise are Russian Safe'N'Sec's proactive malware defense applications. A vulnerability exists in the snscore.sys file in Safe'N'Sec SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft...

Security Advisory - Arbitrary Memory Free Vulnerability in GPU Driver of Some Huawei Smart Phones

There is an arbitrary memory free vulnerability in GPU driver of some Huawei smart phones due to insufficient parameters verification. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory...

Ubuntu: Security Advisory (USN-3679-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libvirt vulnerability and update (USN-3680-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3680-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allo...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU update (USN-3679-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3679-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow...

CVE-2018-5718

Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service BSOD or modify kernel-mode...

USN-3679-1 qemu update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

USN-3679-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

Ubuntu 17.10 : Linux kernel vulnerabilities (USN-3677-1)

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-1068 Wen Xu discovered that the ext4 filesystem implementation in t...

Ubuntu: Security Advisory (USN-3674-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3676-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service system crash when mounted. CVE-2018-1092, CVE-2018-1093 It...

USN-3674-1: Linux kernel vulnerabilities

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-1068 It was discovered that a NULL pointer dereference existed in t...

CVE-2018-4253

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service out-of-bounds read of kernel memory via a crafted app...

CVE-2018-4171

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties...

Apple macOS High Sierra Bluetooth Information Disclosure Vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.Bluetooth is one of the Bluetooth components. A security vulnerability exists in the device properties of the Bluetooth component in Apple macOS High Sierra versions prior to 10.13.5. An attacker can...

Apple Mac OS X Security Updates (HT208849)-01

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple Mac OS X Security Updates (HT208849)-03

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : kernel (ALAS-2018-1023)

A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...