22 matches found
EUVD-2015-9043
Malware in sbrugna...
EUVD-2024-47103
Malicious code in bioql PyPI...
CVE-2025-38486
CVE-2025-38486 concerns a Linux kernel soundwire regression where revert of the qcom set_channel_map API (soundwire: qcom: Add set_channel_map api support) caused kernel instability on Dragonboard 845c (sdm845), including BRK/Fatal exception and a non‑summing trace. Connected reports document spe...
CVE-2024-5987
The WP Accessibility Helper WAH plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_contrast_variations' and 'save_empty_contrast_variations' functions in all versions up to, and including, 0.6.2.8. This makes it possible for...
CVE-2022-49856
This CVE entry is rejected/not used and does not represent an active vulnerability.
PowerVR Patch Security Issues
A couple security issues were discovered in PowerVR during a patch review. While reviewing a preview patch for https://bugs.chromium.org/p/project-zero/issues/detail?id=2540 , I noticed some issues - most of them minor, but the following two seem like they probably have bigger security impact: F....
Linux Distros Unpatched Vulnerability : CVE-2024-56674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue invocation point When virtnet_close is followed by...
Linux Distros Unpatched Vulnerability : CVE-2024-50134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fa...
Linux Distros Unpatched Vulnerability : CVE-2024-56549
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the...
Linux Distros Unpatched Vulnerability : CVE-2019-11718
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Activity Stream can display content sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without...
SUSE-SU-2024:0834-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks bsc1219026. Fixed issues introduced by first patches for CVE-2023-42465 bsc1220389...
SUSE-SU-2022:4080-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 October 2022 CPU - CVE-2022-39399: Improve HTTP/2 client usage bsc1204480 - CVE-2022-21628: Better HttpServer service bsc1204472 - CVE-2022-21624: Enhance icon presentations bsc1204475 - CVE-2022-21619: Improve...
SUSE-SU-2022:1940-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-9596 fixes several issues. The following security issue was fixed: - CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag bnc1199602. - Add missing module_mutex lock to module notifier for previous live patches bsc1199834...
UPDATE: Microsoft Security Bulletin MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Certificate Validation Flaw Could Enable Identity Spoofing Q329115 Released: 04 September 2002 Revised: 20 November 2002 version 4.0 Software: Microsoft Windows, Microsoft Office for...
Technical information about unpatched MS Java vulnerabilities
These are some technical details about the security vulnerabilities I've found in Microsoft's Java implementation. They were reported to the vendor mostly during August 2002. Microsoft no longer responds to my inquiries and doesn't seem to react about these severe vulnerabilities which affect...
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (2)
// source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This vulnerability was originally...
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (3)
source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This vulnerability was originally...
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (4)
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (4) source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC...
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (4)
source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This vulnerability was originally...
Update and comments on the MS02-023 patch, holes still remain
The latest cumulative patch from Microsoft, http://www.microsoft.com/technet/security/bulletin/MS02-023.asp , promises to eliminate "six newly discovered vulnerabilities", but fails to do so. First, we find what MS calls "A cross-site scripting vulnerability in a Local HTML Resource". This is...