SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:3433-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3433-1 advisory. - Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in...

SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:1569-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1569-1 advisory. - A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP2) (SUSE-SU-2021:2366-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2366-1 advisory. - A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a...

SUSE: Security Advisory (SUSE-SU-2017:3323-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1272-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Bash 5.0 Patch 11 Privilege Escalation

Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat E...

Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Bash 5.0 Patch 11 - SUID Priv Drop Exploit Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include...

Zimbra Collaboration Suite ProxyServlet Server Side Request Forgery

Added: 06/06/2019 CVE: CVE-2019-9621 Background Zimbra Collaboration Suite is an email, calendar, and collaboration solution for enterprises. Problem The ProxyServlet component allows a remote attacker to upload arbitrary files, which can then be executed, using XML External Entity injection and...

Security Bulletin: IBM QRadar SIEM contains vulnerable components and libraries. (CVE-2011-4314)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2011-4314 DESCRIPTION: OpenID4Java could allow a remote attacker to bypass security restrictions, caused by the improper...

Security Bulletin: Open Source Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a security bypass. (CVE-2014-7810)

Summary Open Source Apache Tomcat Security Manager bypass. Vulnerability Details CVE-ID: CVE-2014-7810 Description: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the...

McAfee VirusScan Enterprise 'McTray.exe' Privilege Escalation Vulnerability - Windows

McAfee VirusScan Enterprise is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-0881

EMC Documentum xCP is affected: versions 2.1 before patch 23 and 2.2 before patch 11 expose a DQL injection via REST requests, allowing remote authenticated attackers to obtain sensitive repository information. The root cause is improper handling of XCP REST requests, enabling execution of SQL-li...

CVE-2016-0882

EMC Documentum xCP is affected: versions 2.1 before patch 23 and 2.2 before patch 11 are vulnerable to a XML External Entity (XXE) issue. The vulnerability enables remote authenticated users to read arbitrary files by sending a POST request containing an XML external entity declaration combined w...

CVE-2015-2011

The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors...

CVE-2015-2011

The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors...

HP-UX Security Patch : PHKL_32772

VxFS 3.5-ga15 Kernel Cumulative Patch 11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26410; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...

SAP Internet Graphics Server远程缓冲区溢出漏洞

SAP Internet Graphics Server是SAP R/3企业环境的一个组件，可提供图形服务。 SAP Internet Graphics Server不正确处理用户提交的HTTP请求，远程攻击者可以利用漏洞进行缓冲区溢出攻击，可能以进程权限执行任意指令。 目前没有详细漏洞细节提供，成功利用漏洞可导致在UNIX系统下获得SAP系统管理员特权，而在windows下可导致获得SYSTEM权限。 SAP Internet Graphics Server 6.40 Patch 11 SAP Internet Graphics Server 6.40 SAP Internet...

McAfee VirusScan 8.0 - Path Specification Privilege Escalation

// source: https://www.securityfocus.com/bid/16040/info McAfee VirusScan is prone to a vulnerability that could allow an arbitrary file to be executed. The 'naPrdMgr.exe' process calls applications without using properly quoted paths. Successful exploitation may allow local attackers to gain...