11 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-52893
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 m...
Linux Distros Unpatched Vulnerability : CVE-2022-48853
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swiotlb: fix info leak with DMAFROMDEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happe...
PT-2023-29398 · Unknown · Nvmramsmm Smm Driver
Name of the Vulnerable Software and Affected Versions: Insufficient information is provided to determine the specific affected software versions. Description: A memory leakage issue was reported in the NvmramSmm SMM driver, potentially allowing a local attacker with elevated privileges to write t...
Mageia: Security Advisory (MGASA-2017-0261)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0259)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-30888
An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior...
CVE-2016-1000339
CVE-2016-1000339 describes a cryptographic leakage in Bouncy Castle JCE Provider v1.55 and earlier, where the primary AES engine class was AESFastEngine. Because of the table-driven lookup, data channel timing could leak information about the AES key via table accesses; AESEngine also had leaks b...
MGASA-2017-0258 Updated kernel-linus packages fixes security and other bugs
This kernel-linus update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
CVE-2016-9911
Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehciinittransfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...
CURL-CVE-2014-3613 cookie leak with IP address as domain
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. For this problem to trigger, the client application...
ActivCard password cache memory leakage
In December of the 2002 I was analysing the ActivCard product for a client. During the analysis I noticed that making a memory dump of the process "scardsrv" was possible to obtain the users stored staticaly in the card. This issue at first, could seem smaller, although in depth already it has a...