SUSE-SU-2025:4111-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857. ...

EUVD-2015-0528

Malware in sbrugna...

EUVD-2017-16977

Malware in sbrugna...

CVE-2021-25415

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable...

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

m-r-c.ru XSS vulnerability

Open Bug Bounty ID: OBB-603960 Description| Value ---|--- Affected Website:| m-r-c.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

m-r-l.ch XSS vulnerability

Open Bug Bounty ID: OBB-580256 Description| Value ---|--- Affected Website:| m-r-l.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2017-8012

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Java Management Extensions JMX protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service DoS condition. Attackers with knowledge o...

CVE-2017-8007

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

Design/Logic Flaw

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Java Management Extensions JMX protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service DoS condition. Attackers with knowledge o...

Directory traversal

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

CVE-2017-8012

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Java Management Extensions JMX protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service DoS condition. Attackers with knowledge o...

CVE-2017-8007

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

CVE-2017-8007

Dell EMC VNX Monitoring and Reporting Scheduler Directory Traversal Remote Code Execution vulnerability (CVE-2017-8007) affects EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs where the Webservice Gateway processes inputs unsafely, enabling a directory traversal seq...

CVE-2017-8012

The CVE pertains to Dell EMC/VNX Monitoring and Reporting (RMI Registry) deserialization vulnerability that can be exploited remotely to cause a DoS. The attack path involves the exposed RMI registry (default port 52569) accepting untrusted data; authentication exists but can be bypassed per the ...

CVE-2017-8011

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R Watch4Net for SAS Solution Packs all versions contain undocumented accounts with default passwords for Webservice Gateway and RMI J...

CVE-2017-8011

CVE-2017-8011 is substantiated by connected disclosures indicating default/undocumented accounts with passwords in EMC/VNX monitoring products, enabling remote execution when the Webservice Gateway/RMI JMX are targeted. ZDI-17-505 details a remote code execution path via static credentials in the...

CVE-2017-8011

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R Watch4Net for SAS Solution Packs all versions contain undocumented accounts with default passwords for Webservice Gateway and RMI J...