Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information due to the /config partition not being protected by measured boot, mutable, and unencrypted. An attacker can gain unauthorized root access by physically removing the disk, modifying the /config...

CVE-2021-47275 bcache: avoid oversized read request in cache missing code path

In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cacheddevcachemiss will b...

Access Control Bypass

encryptfs-utils is vulnerable to access control bypass. An insecure temporary file use flaw was found in the ecryptfs-setup-private script. A local attacker could use this script to insert their own key that will subsequently be used by a new user, possibly giving the attacker access to the user'...

Imperva SecureSphere Elevation of Privilege Vulnerability

Imperva SecureSphere is a suite of high-performance, centralized data security protection and management products from US-based Imperva. The product provides unified auditing, reporting and logging of different SecureSphere products, visualization of security status and real-time monitoring of...