Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26990)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26990 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2...

Malicious code in pml-edi-parser (npm)

The package pml-edi-parser was found to contain malicious code...

MAL-2025-29446 Malicious code in pml-edi-parser (npm)

The package pml-edi-parser was found to contain malicious code...

CVE-2024-26990

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

CVE-2024-26990 KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

CVE-2024-26990

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

CVE-2024-26990

In CVE-2024-26990, the Linux kernel KVM x86/mmu vulnerability concerns write-protection of L2 SPTEs in the TDP MMU when clearing dirty status. The fix ensures that TDP MMU SPTEs are write-protected when using the L2 page table level with EPT disabled on L1 and PML enabled; since KVM disables PML ...

CVE-2024-26990 KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

pml-designs.com Improper Access Control vulnerability OBB-3807182

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Spartacus - DLL Hijacking Discovery Tool

Why "Spartacus"? If you have seen the film Spartacus from 1960, you will remember the scene where the Romans are asking for Spartacus to give himself up. The moment the real Spartacus stood up, a lot of others stood up as well and claimed to be him using the "I AM SPARTACUS" phrase. When a proces...

SUSE CVE-2010-4267

Stack-based buffer overflow in the hpmudgetpml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing HPLIP 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted SNMP respons...

Noriben - Your Personal, Portable Malware Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Noriben...

HP Multiple Products PML Driver HPZ12 Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21935/info Multiple HP products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain SYSTEM-level privileges, completely compromising affected computers. This issue affects H...

DEBIAN-CVE-2010-4267

Stack-based buffer overflow in the hpmudgetpml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing HPLIP 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted SNMP respons...

Design/Logic Flaw

The PML Driver HPZ12 HPZipm12.exe in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICECHANGECONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to...

CVE-2007-0161

The PML Driver HPZ12 HPZipm12.exe in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICECHANGECONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to...

HP多个产品PML Driver HPZ12服务本地权限提升漏洞

PML Driver HPZ12服务是很多HP产品（尤其是多合一产品、打印机、扫描仪等）所安装的驱动服务。 PML Driver HPZ12服务在执行权限管理时存在漏洞，本地攻击者可能利用此权限提升自己的权限。 PML Driver HPZ12服务没有设置安全的SERVICECHANGECONFIG权限。默认下安装该服务时有以下属性： Name: PML Driver HPZ12 Filename: HPZipm12.exe Description: Used by HP Printer/Scanner/Copier printers to prevent Windows from...

Hewlett Packard multiple printers privilege escalation

Local user have full access to printer service "PML Driver HPZ12" thorugh service manager, making it possible to configure any executable to be run with local system privileges...

HP Multiple Products PML Driver Local Privilege Escalation

HP Multiple Products PML Driver Local Privilege Escalation By Sowhat of Nevis Labs 2007.01.08 http://www.nevisnetworks.com http://secway.org/advisory/AD20070108.txt Vendor Hewlett-Packard Products Affected HP All-In-One products HP PSC 700 series HP PSC 900 series HP PSC 1100 series HP PSC 1200...

HP (Multiple Products) - PML Driver HPZ12 Privilege Escalation

HP Multiple Products - PML Driver HPZ12 Privilege Escalation source: https://www.securityfocus.com/bid/21935/info Multiple HP products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain SYSTEM-level privileges, completely compromising affected...