PT-2026-51190

Name of the Vulnerable Software and Affected Versions AOMEI Backupper versions prior to 8.3.0 Description An issue exists in the Kernel Driver component within the amwrtdrv.sys library. A local attacker can perform a manipulation of an unknown function to cause improper access controls...

EUVD-2013-4413

Malware in sbrugna...

CVE-2023-46807

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

OPENSUSE-SU-2024:0157-1 Security update for nano

This update for nano fixes the following issues: - CVE-2024-5742: Avoid privilege escalations via symlink attacks on emergency save file boo1226099...

RHEL 9 : kernel (RHSA-2024:0448)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0448 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Incorrect verifier prunin...

Oracle Linux 8 : libseccomp (ELSA-2019-3624)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3624 advisory. 2.4.1-1 - rebase to 2.4.1 2.3.3-4 - spec: make the check phase conditional Tenable has extracted the preceding description block directly from the Oracle Linux...

Cross-Site Request Forgery (CSRF)

com.xuxueli:xxl-job is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists in xxl-job-admin/user/add, which allows an attacker to use a crafted .html file to cause CSRF attacks due to insufficient checks, resulting in arbitrary code execution and privilege escalations...

CISA Adds Five Known Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32046 Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability CVE-2023-32049 Microsoft Windows Defender SmartScreen Security Feature Bypass...

VMSA-2023-0009:VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue

Advisory ID: VMSA-2023-0009 CVSSv3 Range: 6.4-8.8 Issue Date:2023-05-11 Updated On: 2023-05-11 Initial Advisory CVEs: CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880 Synopsis: VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue...

GHSA-6M9F-PJ6W-W87G Rancher Webhook is misconfigured during upgrade process

Impact A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. When the Webhook is operating in a degraded state, it no...

K65043534: Multiple INTEL BIOS vulnerabilities

Security Advisory Description CVE-2017-5705 Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. CVE-2017-5706 Multiple buffer overflows in kernel in Intel Server Platfo...

K04454621: Linux kernel vulnerability CVE-2020-25671

Security Advisory Description A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations. CVE-2020-25671 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

K14594844: Linux kernel Vulnerability CVE-2020-25670

Security Advisory Description A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations. CVE-2020-25670 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...

RHEL 8 : kernel (RHSA-2022:5626)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5626 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Small table perturb size in th...

OESA-2022-1616 mariadb security update

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...

SUSE SLES12 Security Update : kernel (Live Patch 37 for SLE 12 SP3) (SUSE-SU-2022:0325-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0325-1 advisory. - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner...

SUSE SLES15: kernel-livepatch-5_3_18-24_49-default / etc (SUSE-SU-2022:0291-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0291-1 advisory. This update for the Linux Kernel 5.3.18-2449 fixes several issues. The following security issues were fixed: - CVE-2022-0185: Incorrect param...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:0293-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0293-1 advisory. - A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalation...

SUSE SLES12: kernel-livepatch-4_12_14-197_83-default / etc (SUSE-SU-2022:0263-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0263-1 advisory. This update for the Linux Kernel 4.12.14-12260 fixes several issues. The following security issues were fixed: - CVE-2020-3702: Fixed ...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 16 for SLE 12 SP5) (SUSE-SU-2022:0234-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0234-1 advisory. - A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege...