8 matches found
Incorrect Privilege Assignment
Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Privilege Assignment via improper enforcement of scope mapping in the Fine-Grained Admin Permission...
[SECURITY] [DSA 5924-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5924-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 23, 2025 https://www.debian.org/security/faq -...
Debian dsa-5924 : intel-microcode - security update
The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5924 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5924-1 [email protected] https://www.debian.org/securit...
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability,...
Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection
AMD ID: AMD-SB-7030 Potential Impact: N/A Severity: N/A Summary Researchers from ETH Zurich have provided AMD with a paper titled “Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection.” AMD reviewed the paper and believes that this vulnerability does not...
PT-2024-5098 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 HF1 Description: A vulnerability has been identified in SINEMA Remote Connect Server due to missing server-side input sanitation when loading VxLAN configurations. This could allow an...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Execution with Unnecessary Privileges vulnerability (CVE-2016-0328)
Summary IBM Security Guardium Database Activity Monitor could allow a local user to injection commands that would be executed with administrator privileges. Vulnerability Details CVEID: CVE-2016-0328 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user to injectio...
Multiple vulnerabilities in turbomail
TurboMail email system is an email server system developed for the communication needs of enterprises and institutions. turbomail there are leakage of user mailbox vulnerability, can be login blast vulnerability login authentication code bypass, ordinary user privilege injection vulnerability, if...