199 matches found
CVE-2024-26818
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
CVE-2024-26818 tools/rtla: Fix clang warning about mount_point var size
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
CVE-2024-26818 tools/rtla: Fix clang warning about mount_point var size
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
AZL-56819 CVE-2023-52596 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix out of bounds access for empty sysctl registers When registering tables to the sysctl subsystem there is a check to see if header is a permanently empty directory used for mounts. This check evaluates the first elemen...
DEBIAN-CVE-2023-52596
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix out of bounds access for empty sysctl registers When registering tables to the sysctl subsystem there is a check to see if header is a permanently empty directory used for mounts. This check evaluates the first elemen...
UBUNTU-CVE-2023-52596
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix out of bounds access for empty sysctl registers When registering tables to the sysctl subsystem there is a check to see if header is a permanently empty directory used for mounts. This check evaluates the first elemen...
PT-2024-15116 · Unknown · Is Mount Point
Name of the Vulnerable Software and Affected Versions: is mount point affected versions not specified Description: The issue concerns a possible buffer overflow in the is mount point function. Recommendations: At the moment, there is no information about a newer version that contains a fix for th...
PT-2024-7734 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.8.0-rc3 Description: The issue is related to a potential buffer overflow in the fscanf function, which may occur when the mount point variable is used. The warning is reported by clang, indicating that the destination...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
Arbitrary file deletion
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
CVE-2023-32454
Dell DUP Framework ≤ 4.9.4.36 is affected by an insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit this to create arbitrary files, potentially causing denial of service. Affected product: Dell Update Package Framework. Root cause: insec...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32474
Dell Display Manager (Windows) versions 2.1.1.17 and earlier are affected by an insecure operation on Windows junction/mount points that an attacker can exploit during installation, allowing arbitrary folder or file deletion. This is a local, low-privilege, high-impact issue (prone to file/system...
AZL-35010 CVE-2024-23652 affecting package moby-engine for versions less than 25.0.3-1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the...
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update software relates to a insecure operation at the mount point in the Windows operating system. This allows an attacker to delete arbitrary files.
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs is related to a unsafe operation at the mount point in the Windows operating system. Exploiting this vulnerability could allow an attacker to delete arbitrary files...
GHSA-47XW-VW6M-W9FQ HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0...