Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Tomcat Connectors vulnerability (USN-8369-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8369-1 advisory. It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like...

CVE-2026-44570 Open WebUI: Inconsistent authorization controls within memories API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

Ivanti Secure Access Client 22.x < 22.8R6 Multiple Vulnerabilities

The Ivanti Secure Access Client installed on the remote host is 22.x prior to 22.8R6. It is, therefore, affected by multiple vulnerabilities: - An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...

EUVD-2026-27602

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshvhandlegpaintercept attempts to remap pages for all faults...

EUVD-2025-37346

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

ALPINE-CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

EUVD-2020-3652

Malware in sbrugna...

EUVD-2007-6214

Malware in sbrugna...

EUVD-2006-3809

Malware in sbrugna...

EUVD-2023-12270

Malicious code in bioql PyPI...

CVE-2023-0181

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering...

Linux Distros Unpatched Vulnerability : CVE-2019-5068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared...

SUSE CVE-2023-49582

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h Users are...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apr (SUSE-SU-2024:3428-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3428-1 advisory. - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783 Tenable has extracted the...

SUSE-SU-2024:3429-1 Security update for apr

This update for apr fixes the following issues: - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783...

SUSE-SU-2024:3428-1 Security update for apr

This update for apr fixes the following issues: - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783...

Fedora 39 : apr (2024-318343049c)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-318343049c advisory. This update to the apr package fixes a security issue in the handling of shared memory permissions. SECURITY: CVE-2023-49582: Apache Portable Runtime APR:...

Fedora: Security Advisory (FEDORA-2024-b40491b84b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-46928

In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 Instruction access rights occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this...

ModuleShifting - Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs

ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so that it can be executed fully in memory via a Python interpreter and Pyramid, thus avoiding the usage of compiled loaders. The technique can be used...