3385 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of a double release problem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of a double release problem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of a deadlock problem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of a double release problem...
CVE-2024-22303
CVE-2024-22303 is an Incorrect Privilege Assignment vulnerability in the favethemes Houzez WordPress theme (affected versions “n/a through 3.2.4”). The issue allows Privilege Escalation for authenticated users (Subscriber+). CVSS v3.1 base score 8.8 (HIGH) with network exposure, low attack comple...
CVE-2024-21743
CVE-2024-21743 is a Privilege Escalation in the favethemes Houzez Login Register WordPress plugin (houzez-login-register) affecting versions ≤ 3.2.5. The issue enables authenticated users (Subscriber level) to escalate privileges, effectively via an account takeover vector; it is described as a S...
CVE-2024-27875
CVE-2024-27875 affects macOS Sequoia 15.0 and is described as a logic/state-management issue that can cause Privacy Indicators for microphone or camera access to be attributed incorrectly. The primary sources (NVD/NVD+CNA, Red Hat advisory, Apple security notes) confirm a fix in macOS Sequoia 15 ...
Unspecified vulnerability in Linux kernel (CNVD-2024-39471)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory allocation problem in the nouveau/firmware component. No details of the vulnerability are provided ...
Unspecified vulnerability in Linux kernel (CNVD-2024-39474)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the igb component having problems handling large MAXSKBFRAGS. No detailed vulnerability detail...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2368)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : httpd (EulerOS-SA-2024-2440)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services,...
The '?/' key on a Portuguese (Brazil) ABNT2 keyboard does not function in Linux sessions
When launching a Citrix session from an endpoint using Windows and a ABNT2 - Portuguese Brazil keyboard layout, the Windows keyboard key '?/' does not function inside a Linux VDA published desktop or application session...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a page mapping problem in the mm/vmalloc component...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problematic initialization of the netfilter:flowtable component. No details of the vulnerability are...
CVE-2023-46809
CVE-2023-46809 affects Node.js runtimes that bundle an unpatched OpenSSL or use a dynamically linked OpenSSL version; exposed to the Marvin Attack when PKCS #1 v1.5 padding is allowed during RSA decryption with a private key. This is a timing/side-channel vulnerability affecting confidentiality a...
CVE-2023-46809
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...
CVE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
CVE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
CVE-2023-30583
CVE-2023-30583 : In Node.js 20, the fs.openAsBlob() API can bypass the experimental permission model when the file system read restriction is enabled with --allow-fs-read, due to a missing check in fs.openAsBlob(). The description notes this as part of the experimental feature set. Remediation/fi...
CVE-2023-30587
CVE-2023-30587: Node.js 20 inspector-based bypass allows an attacker to modify the Worker’s isInternal value when an inspector attaches inside the Worker constructor before initializing WorkerImpl, bypassing the experimental permission model. Affected: Node.js users using the permission model mec...