Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the MCPTool.Name sanitization in the NewMCPTool registration process in internal/agent/tools. An attacker can execute arbitrary MCP tools and inject prompts to exfiltrate context by...

EUVD-2019-5836

Malware in sbrugna...

CVE-2019-14685

A local privilege escalation vulnerability exists in Trend Micro Security 2019 v15.0 in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

DEBIAN-CVE-2023-1074

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant's Threat Analysis Group TAG said the adversary created a...

Path traversal

Relative Path Traversal vulnerability in obs-service-tarscm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise...

CVE-2018-12476 obs-service-extract_file's outfilename parameter allows to write files outside of package directory

Relative Path Traversal vulnerability in obs-service-tarscm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise...

CVE-2019-14685

A local privilege escalation vulnerability exists in Trend Micro Security 2019 v15.0 in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service...

CVE-2019-14685

A local privilege escalation vulnerability exists in Trend Micro Security 2019 v15.0 in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service...

Privilege escalation

A local privilege escalation vulnerability exists in Trend Micro Security 2019 v15.0 in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service...

CVE-2019-14685

CVE-2019-14685 describes a local privilege escalation in Trend Micro Security 2019 (v15.0) where an attacker could manipulate a specific product feature to load a malicious service. The available connected documents confirm the vulnerability class (local privilege escalation) and affected product...

CVE-2019-14685

A local privilege escalation vulnerability exists in Trend Micro Security 2019 v15.0 in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service...

Content Spoofing

librdmacm is vulnerable to content spoofing. A static port 6125 is used to connect to the ibacm service by default. This allows a local attacker to host a malicious ibacm service on the same port to provide incorrect address resolution information to all librmdacm applications...

Shamoon Returns to Wipe Systems in Middle East, Europe

ARCHIVED STORY Shamoon Returns to Wipe Systems in Middle East, Europe By Alexandre Mundo · December 14, 2018 Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims. Destructive...

RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2018:2013)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2013 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private...