107 matches found
PT-2026-46138
Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 35.0.2 Description An authenticated project admin or manager can read local files on the Ironic conductor by exploiting the pxe template variable. Recommendations Update to version 35.0.2 or later...
SUSE CVE-2011-3175
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management ZCM 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request...
CVE-2025-62877
Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...
CVE-2025-14302
Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security feature...
PT-2025-51800
Name of the Vulnerable Software and Affected Versions GIGABYTE motherboard models affected versions not specified Description A protection mechanism failure exists in certain GIGABYTE motherboard models due to improperly enabled IOMMU. This allows unauthenticated physical attackers with a...
EUVD-2021-8827
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2008-3896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Novell ZENworks Configuration Management Preboot Service Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Configuration Management Preboot Service Remote File Access', 'Description' = %q This module exploits a directory traversal in th...
CVE-2023-24063
Diebold Nixdorf Vynamic Security Suite VSS before 3.3.0 SR10 fails to validate /etc/mtab during the Pre-Boot Authorization PBA process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in OpenSSH
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in OpenSSH. Vulnerability Details CVEID: CVE-2018-15919 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by an error in auth-gss2.c when GSS2 is in use. By sending...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in xorg-x11
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in xorg-x11. Vulnerability Details CVEID: CVE-2015-9262 DESCRIPTION: libXcursor is vulnerable to a one-byte heap-based buffer overflow, caused by improper bounds checking by the XcursorThemeInherits in...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libjpeg
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libjpeg. Vulnerability Details CVEID: CVE-2018-11813 DESCRIPTION: libjpeg is vulnerable to a denial of service, caused by a large loop in the readpixel function in rdtarga.c. By persuading a victim to...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libtirpc (CVE-2018-14622 CVE-2018-14621)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libtirpc. Vulnerability Details CVEID: CVE-2018-14622 DESCRIPTION: Libtirpc is vulnerable to a denial of service, caused by a NULL pointer dereference in the rpc-based application. By flooding the...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libTIFF
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libTIFF. Vulnerability Details CVEID: CVE-2016-10094 DESCRIPTION: LibTIFF is vulnerable to a heap-based buffer overflow, caused by an off-by-one error flaw in the t2preadwritepdfimagetile function in...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in cURL. Vulnerability Details CVEID: CVE-2018-16840 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a heap use-after-free flaw in the Curlclose function. By sending a specially-crafted...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in procps
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in procps. Vulnerability Details CVEID: CVE-2018-1126 DESCRIPTION: procps-ng procps is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in GNU C Library (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in GNU C Library. Vulnerability Details CVEID: CVE-2017-15804 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a buffer overflow, caused by improper bounds checking by glob function in glob.c...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in perl (CVE-2018-12015)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in perl. Vulnerability Details CVEID: CVE-2018-12015 DESCRIPTION: Perl could allow a remote attacker to traverse directories on the system, caused by improper validation of user request by the Archive::Tar...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in cURL (CVE-2018-14618)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in cURL. Vulnerability Details CVEID: CVE-2018-14618 DESCRIPTION: cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curlntlmcoremknthash internal function in the NTLM...