1290 matches found
UBUNTU-CVE-2022-49771
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if list_versions races with module loading. list_versions will first estimate the required space using the "dm_target_iterate(list_version_get_needed, &needed)" call and then will fill the space using the...
The vulnerability of the RPC Endpoint Mapper service on Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the RPC Endpoint Mapper service on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
novel-cloud Injection Vulnerability
novel-cloud is a Spring Cloud microservices technology stack learning novel project built on novel by xxy individual developer. An injection vulnerability exists in novel-cloud version 1.4.0, which originates from a SQL injection due to a misuse of function RestResp in file...
Vulnerability of the __dm_internal_suspend() function in the drivers/md/dm.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the __dm_internal_suspend() function in the drivers/md/dm.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel is vulnerable due to improper control of resource identifiers ("resource injection"). Exploiting this vulnerability allows an attacker to...
CVE-2025-26679
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...
PT-2025-27726
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the device-mapper (dm) and its handling of zoned devices with zone write plugs. The issue arises when the dm revalidate...
CVE-2025-26679
CVE-2025-26679 is described as a use-after-free in the RPC Endpoint Mapper Service that allows a locally authenticated attacker to escalate privileges. Connected sources corroborate its existence and categorize the impact as a privilege-escalation flaw within Windows’ RPC Endpoint Mapper componen...
CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
...
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...
PT-2025-15520 · Microsoft · Windows Rpc Endpoint Mapper Service +1
Name of the Vulnerable Software and Affected Versions: Windows RPC Endpoint Mapper Service (affected versions not specified). Description: The issue is related to a use after free vulnerability in the RPC Endpoint Mapper Service, which allows an authorized attacker to elevate privileges locally. Thi...
CLSA-2025-1742472545 kernel: Fix of 9 CVEs
- USB: serial: io_edgeport: fix use after free in debug printk (CVE-2024-50267)
- HID: core: zero-initialize the report buffer (CVE-2024-50302)
- dm cache: fix potential out-of-bounds access on the first resume (CVE-2024-50278)
- dm cache: fix out-of-bounds access to the dirty bitset when resizing...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25580
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...
device-mapper-multipath bug fix and enhancement update
An update is available for device-mapper-multipath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the...
Creating Scripts to Identify Vulnerable Proxy Servers
This whitepaper covers how to create Nmap scripts to identify banners and versions of proxy servers. It also covers methods to mitigate the public visibility of banners and version information on proxy servers. Written in Portuguese...
Creating Scripts to Identify Vulnerable FTPs
This whitepaper covers how to create Nmap scripts to identify banners and versions of FTP servers. It also covers methods to mitigate the public visibility of banners and version information on FTP servers. Written in Portuguese...
GHSA-GVGG-2R3R-53X7 Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims
This vulnerability is caused by the improper mapping of users to organizations based solely on email/username patterns. The issue is limited to the token claim level, meaning the user is not truly added to the organization but may appear as such in applications relying on these claims. The risk...