18 matches found
EUVD-2023-1516
Malicious code in bioql PyPI...
CVE-2023-33779
A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/...
RHEL 9 : kernel live patch module (RHSA-2024:1253)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1253 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
RHEL 8 : kpatch-patch (RHSA-2024:0593)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0593 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
RHEL 8 : kernel (RHSA-2024:0403)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0403 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Incorrect verifier prunin...
SUSE SLES15 Security Update : kernel (Live Patch 29 for SLE 15 SP3) (SUSE-SU-2023:4836-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4836-1 advisory. This update for the Linux Kernel 5.3.18-15030059112 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2023:4863-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4863-1 advisory. This update for the Linux Kernel 5.14.21-1505005528 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 34 for SLE 15 SP2) (SUSE-SU-2023:4866-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4866-1 advisory. This update for the Linux Kernel 5.3.18-15020024145 fixes several issues. The following security issues were fixed: - CVE-2023-4622: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 34 for SLE 15 SP3) (SUSE-SU-2023:4820-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4820-1 advisory. This update for the Linux Kernel 5.3.18-15030059127 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 32 for SLE 15 SP2) (SUSE-SU-2023:4833-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4833-1 advisory. This update for the Linux Kernel 5.3.18-15020024139 fixes several issues. The following security issues were fixed: - CVE-2023-4622: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP5) (SUSE-SU-2023:4841-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4841-1 advisory. This update for the Linux Kernel 5.14.21-1505005512 fixes several issues. The following security issues were fixed: - CVE-2023-3610: Fixed...
SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP3) (SUSE-SU-2023:4871-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4871-1 advisory. This update for the Linux Kernel 5.3.18-15030059106 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2023:4796-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4796-1 advisory. This update for the Linux Kernel 5.3.18-15020024151 fixes several issues. The following security issues were fixed: - CVE-2023-4622: Fixed a...
SUSE SLES15: kernel-livepatch-5_14_21-150400_24_74-default / etc (SUSE-SU-2023:4805-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4805-1 advisory. This update for the Linux Kernel 5.14.21-1504002474 fixes several issues. The following security issues were fixed: - CVE-2023-3610: Fixed...
Oracle Linux 8 : kernel (ELSA-2023-7549)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7549 advisory. - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice Mauro Carvalho Chehab CVE-2022-45884 - cifs: Fix UAF in cifsdemultiplexthread...
CVE-2023-2163 Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation
Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...
Privilege escalation in XXL-Job
A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/...
CVE-2023-33779
CVE-2023-33779 affects XXL-JOB v2.4.1. A lateral privilege escalation exists where a crafted POST to the "/jobinfo/" endpoint allows a user to execute arbitrary commands on another user’s account. The PT-2023-24485 document corroborates the affected version and endpoint. No exploit code is provid...