28 matches found
EUVD-2020-12580
Malware in sbrugna...
USN-7429-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Drivers core; - HID subsystem; - Network drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - File systems...
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-7429-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7429-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-7415-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7415-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Oracle Java SE Security Update (jul2023) 02 - Linux
Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Java SE Security Update (jul2023) 02 - Windows
Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Java SE Security Update (apr2023) 02 - Linux
Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Java SE Security Update (apr2023) 02 - Windows
Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0835-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0835-1)
This update for the Linux Kernel 4.4.121-92149 fixes several issues. The following security issues were fixed : CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation bsc1179616. CVE-2020-28374: Fixed insufficient identifier checking in...
Ryuk ransomware develops worm-like capability
The French governments computer emergency readiness team, thats part of the National Cybersecurity Agency of France, or ANSSI, has discovered a Ryuk variant that has worm-like capabilities during an incident response. For those unacquainted with Ryuk, it is a type of ransomware that is used in...
Routopsy - A Toolkit Built To Attack Often Overlooked Networking Protocols
Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols DRP and First-Hop Redundancy Protocols FHRP. Most of the attacks currently implemented make use of a weaponised 'virtual router' as opposed to...
CVE-2020-1749
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...
CVE-2020-1749
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...
CVE-2020-1749
CVE-2020-1749 describes a flaw in the Linux kernel’s IPsec networking implementation (notably VXLAN and GENEVE tunnels over IPv6). When an encrypted tunnel is established between two hosts, tunneled data may be misrouted over the encrypted link, causing data to be sent unencrypted and potentially...
NETGEAR R6700v3 Password Reset / Remote Code Execution Exploit
This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon /usr/sbin/upnpd, running on NETGEAR R6700v3 router with firmware versions V1.0.4.8210.0.57...
Important: kernel
Issue Overview: In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call.CVE-2019-19319 In the Linux...
Important: kernel
Issue Overview: In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call.CVE-2019-19319 In the Linux...
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1508)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In f2fsxattrgenericlist of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0868-1)
This update for the Linux Kernel 3.12.74-6064124 fixes several issues. The following security issues were fixed : CVE-2020-1749: Fixed an issue in the networking protocols in encrypted IPsec tunnel bsc1165631 CVE-2019-5108: Fixed an issue where by triggering AP to send IAPP location updates for...