EUVD-2022-55720

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...

CVE-2022-50636 PCI: Fix pci_device_is_present() for VFs by checking PF

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986855)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986855 advisory. In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speedshow When bringing down the netdevice or...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the s390/sclp module not handling the NULL case before the SCCB presence check...

Linux Distros Unpatched Vulnerability : CVE-2021-22233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details CVE-2021-22233 Note that Nessus relies on t...

Linux Distros Unpatched Vulnerability : CVE-2017-15612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink...

CVE-2021-38299

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46679)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46679 advisory. - In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when...

CVE-2024-46679

In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg: exception RIP: qedgetcurrentlink+17 ...

CVE-2024-46679 ethtool: check device is present when getting link settings

In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg: exception RIP: qedgetcurrentlink+17 ...

CVE-2024-46679

CVE-2024-46679 (Linux kernel) : A race between sysfs reading of ethtool link settings and device removal can read state when the device is not present, causing a crash. The fix moves a device-presence check into ethtool (and related callers) to ensure link settings are only shown when the device ...

The vulnerability of the speed_show() function in the net-sysfs component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the speedshow function in the net-sysfs component of the Linux operating system is related to the check performed by speedshow to determine the presence of a network device. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2024-6300 Incomplete Cleanup in Conduit

Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction...

PT-2023-33499 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue concerns the pci device is present function, specifically with Virtual Functions VFs by checking the Physical Function PF. The actual impact and attack plausibility have not yet be...

GHSA-6WHF-Q6P5-84WG Improper Access Control in Webauthn Framework

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...

CVE-2021-38299

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...

Design/Logic Flaw

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...

Webauthn-Framework 授权问题漏洞

Webauthn-Framework is an authentication mechanism. It is used by Web applications to create and use strong, proven, scoped, public-key based credentials for strong authentication of users. Webauthn-Framework suffers from a security vulnerability that allows an attacker in control of a user's syst...

CVE-2020-0217

In RWT4tPresenceCheck of rwt4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

Detecting Citrix CVE-2019-19781

Summary Unknown cyber network exploitation CNE actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.1 Though mitigations were released on the same day Citrix announced CVE-2019-19781,...