6347 matches found
The vulnerability of the `pdprl_get_from_raw_lbl` function in the Linux-astra-modules kernel module, related to improper memory release, allows a hacker to trigger a service failure.
The vulnerability of the pdprlgetfromrawlbl function in the linux-astra-modules kernel module is related to an improper check of the raw parameter. This leads to a slab-out-of-bounds error later on. Exploiting this vulnerability allows an attacker to cause service failures...
Exploit for SQL Injection in Zabbix
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with exploit modules and tools for testing and demonstrating vulnerabilities. The primary vulnerability being targeted is not explicitly stated...
Fedora: Security Advisory for ansible (FEDORA-2021-4ad7c70d71)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: ansible-2.9.23-1.fc33
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 34 Update: ansible-2.9.23-1.fc34
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
Babuk Ransomware Builder Mysteriously Appears in VirusTotal
The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...
CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
DEBIAN-CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
ALPINE-CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
CVE-2021-28693
CVE-2021-28693 (Xen ARM): The boot modules (e.g., kernel, initramfs) loaded by the Xen bootloader are not scrubbed in Arm environments, risking leakage of sensitive data from modules when handed to domain memory. The issue originates from the boot path not scrubbed before copying to domain memory...
CVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...
sssd bug fix and enhancement update
The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...
An EPYC escape: Case-study of a KVM breakout
Posted by Felix Wilhelm, Project Zero Introduction KVM for Kernel-based Virtual Machine is the de-facto standard hypervisor for Linux-based cloud environments. Outside of Azure, almost all large-scale cloud and hosting providers are running on top of KVM, turning it into one of the fundamental...
The vulnerability of the update_log function (lib/Cleantalk/ApbctWP/Firewall/SFW.php) in spam protection modules, including AntiSpam and CleanTalk firewall plugins, allows attackers to execute arbitrary SQL queries.
The vulnerability of the updatelog function in modules for spam protection, AntiSpam, and CleanTalk firewall plugins is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...
The vulnerability in the array distribution of the library for working with PKCS P11-kit modules allows a hacker to cause a service failure.
The vulnerability in the array distribution of the library for working with PKCS P11-kit modules is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through using calls like realloc or calloc...
Remote Code Execution via traversal in TAL expressions
Impact Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python...
GHSA-5PR9-V234-JW36 Remote Code Execution via traversal in TAL expressions
Impact Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python...