2358 matches found
CVE-2023-36650
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages...
Rocky Linux 8 : qt5 (RLSA-2022:7482)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7482 advisory. - In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not...
Internet Bug Bounty: Privilege Esacalation at Apache Airflow 2.5.1
A vulnerability was found in Apache Airflow before version 2.6.0 that allowed local Linux users to access sensitive files, such as SSH private keys, owned by the account that operates Airflow. The issue was caused by Airflow setting log files to vulnerable privileges, allowing any Linux user on t...
SUSE CVE-2009-2715
Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service Linux host OS reboot via a sysenter instruction...
SUSE CVE-2019-3016
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10152-1 Rating: important References: 1201720 1203086 1203306 1203370 1203735 1204019 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10129-1 Rating: important References: 1201720 1203086 1203306 1203370 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10067-1 Rating: important References: 1198676 1198677 1198678 1198679 1198680 1198703 1199803 1201720 Cross-References: CVE-2022-21465 CVE-2022-21471 CVE-2022-21487 CVE-2022-21488 CVE-2022-21491...
Node.js: Node 18 reads openssl.cnf from /home/iojs/build/... upon startup.
A vulnerability was discovered in Node.js 18.4.0 where it attempted to read an openssl.cnf file from a specific location upon startup. This could potentially allow an attacker with a self-chosen username to affect the OpenSSF configuration of other users on a shared Linux host...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1403-1 Rating: important References: 1191104 1191526 1191869 Cross-References: CVE-2021-2475 CVE-2021-35538 CVE-2021-35540 CVE-2021-35542 CVE-2021-35545 CVSS scores: CVE-2021-2475 NVD : 4.4...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2021:1092-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2021:0165-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS 8 : container-tools:2.0 (CESA-2021:0706)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0706 advisory. - podman: container users permissions are not respected in privileged containers CVE-2021-20188 Note that Nessus has not tested for this issue but has instead...
openSUSE Security Update : virtualbox (openSUSE-2021-165)
This update for virtualbox fixes the following issues : Version update to 6.1.18 released January 19 2021 This is a maintenance release. The following items were fixed and/or added : - Nested VM: Fixed hangs when executing SMP nested-guests under certain conditions on Intel hosts bug 19315, 19561...
RHEL 8 : freerdp (RHSA-2020:2335)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2335 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...
CVE-2019-0069
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...
Design/Logic Flaw
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...
CVE-2019-0069 Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:1547-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-5525
VMware Workstation 15.x before 15.1.0 contains a use-after-free vulnerability in the Advanced Linux Sound Architecture ALSA backend. A malicious user with normal user privileges on the guest machine may exploit this issue in conjunction with other issues to execute code on the Linux host where...