16 matches found
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...
Astra Linux – Vulnerability in Samba
A flaw was discovered in the way Samba maps domain users to local users. An authenticated attacker could exploit this flaw to cause potential privilege escalation...
Bugsink 安全漏洞
Bugsink is an open-source, self-hosted bug tracking software developed by Bugsink. Versions of Bugsink prior to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from the source mapping and debugging file searching mechanisms, which did not limit the scope of the projects. A...
Azure Linux 3.0 Security Update: samba (CVE-2021-20254)
The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-20254 advisory. - A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group...
CVE-2025-67246
A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003224)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003224 advisory. Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001381 advisory. A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD...
CVE-2023-35722
NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...
SUSE CVE-2011-1585
The cifsfindsmbses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user...
DEBIAN-CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...
Important: kernel-livepatch-5.10.62-55.141
Issue Overview: A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access t...
samba: Active Directory (AD) domain user could become root on domain members
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...
AZL-7352 CVE-2021-20254 affecting package samba 4.12.5-7
A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...
Xen elevation of privilege vulnerability (CNVD-2019-07941)
Xen is an open source virtual machine monitor developed by the Xen Project. An elevation of privilege vulnerability exists in 4.11.x and earlier versions of Xen on AMD x86 platforms, which stems from the failure of small IOMMU mappings to be securely combined into larger IOMMU mappings, which can...
kernel: Incorrectly mapped contents of PIE executable
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...
DEBIAN-CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...