65 matches found
Google Android OS 安全漏洞
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android Framework, which can be exploited by attackers to cause an elevation of privilege...
Microsoft Windows Win32K 安全漏洞
Microsoft Windows Win32k is a system file for Windows multi-user administration from Microsoft USA. A security vulnerability exists in Microsoft Windows Win32K. The following products and versions are affected:Windows 11 version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit...
RXSA-2023:0951 Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free in...
Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure Vulnerability
Microsoft SQL Server 2014, 2016, 2017, 2019, and 2022 appears to ignore audit rules for sys.sysxlgns allowing an attacker with administrative permissions to extract password hashes under the radar. Microsoft told the researcher they are not willing to fix it but acknowledge it as a security...
Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure
Title: Microsoft SQL Server Password Hash Exposure Product: Database Manufacturer: Microsoft Affected Versions: 2012-2022 Risk Level: Medium CVE Reference: N/A Author of Advisory: Emad Al-Mousa Overview: SQL Server is a popular database system, and database systems are a vital backbone in IT...
CVE-2023-22756
CVE-2023-22756 corresponds to buffer overflow vulnerabilities in ArubaOS processes that allow unauthenticated remote code execution when specially crafted packets are sent via the PAPI protocol. Affected product family: ArubaOS (Aruba Mobility Controllers/ gateways). Root cause described as buffe...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Huawei Emui and Magic UI Configuration Flaw Vulnerability
Huawei Emui is a mobile operating system developed based on Android.Magic Ui is a mobile operating system developed based on Android. Huawei Emui and Magic UI have security vulnerabilities that can be exploited by attackers to compromise service confidentiality...
July 13, 2021 Public preview security update (KB5004243)
None None...
CVE-2021-28809
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS...
CVE-2019-8832
CVE-2019-8832 is a memory corruption vulnerability in Apple platforms. The issue could allow an application to execute arbitrary code with system privileges. It affects multiple Apple operating systems, with fixes in iOS 13.3, iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 20...
webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2020-9821
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges...
Microsoft and partners design new device security requirements to protect against targeted firmware attacks
Recent developments in security research and real-world attacks demonstrate that as more protections are proactively built into the OS and in connected services, attackers are looking for other avenues of exploitation with firmware emerging as a top target. In the last three years alone, NIST’s...
CVE-2018-4257
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation...
CVE-2017-0335
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
Amazon Web Services Inspector Application Security Scanner
Amazon answered many security and compliance prayers yesterday with the release of its Inspector tool. Inspector scans applications launched in Amazon Web Services instances, looking for issues on two fronts: compliance with certain regulations such as the Payment Card Industry Data Security...
Fedora Update for kernel FEDORA-2013-12530
Check for the Version of kernel OpenVAS Vulnerability Test Fedora Update for kernel FEDORA-2013-12530 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
New Analysis Finds Java is the Weakest Link in the Security Chain
Exploit kits come and go, but the exploits they utilize remain the same, according to Securelist’s mid-year analysis of exploit kits and attack vectors. In 2010, the top five exploit kits, ordered by prevalence, were the Phoenix, Eleanor, NeoSploit, YESExploitKit, and SEOSPloitPack exploit kits...
Manufacturers, Carriers Look to Defend Devices Against Attackers and Users
As mobile phones have gradually morphed into complete computing devices in the last few years with the advent of the iPhone and Android-based phones, mobile phone manufacturers and wireless carriers have been working to create new protection mechanisms to stop attacks against the increasingly...