CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 July 2017...

CVE-2017-18678

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...

CVE-2017-9711

Certain unprivileged processes are able to perform IOCTL calls...

CVE-2013-2872

Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors...

CVE-2002-2042

ptrace in the QNX realtime operating system RTOS 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes...

CVE-2001-1551

Linux kernel 2.2.19 enables CAPSYSRESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs...

CVE-2025-3931

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks,...

From Complexity to Clarity: The Blueprint for Scalable Workflow Automation

Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…...

UBUNTU-CVE-2025-46805

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

Avoid Using Programs Labeled unconfined_service_t

The purpose of setting the unconfinedservicet label for SELinux is to enable some third-party service processes not configured with SELinux policies to run without restrictions. By default, when systemd runs a third-party application whose label is bint or usrt generally located in directories su...

Atop 2.4.x < 2.11.1 DoS (CVE-2025-31160)

atop through 2.11.0 allows local users to cause a denial of service e.g., assertion failure and application exit or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop. Note that Nessus has not tested for this issue but has...

CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...

From Exposure to Assurance: Unified Remediation Across the Security Lifecycle

When it comes to defending your organization, every second counts. The time to detect, respond, and remediate is critical, but speed alone isn't enough. Fragmentation across security tools, siloed teams, and manual workflows leaves organizations constantly reactive, overwhelmed by alerts, and at...

PT-2025-17679 · Abb · Abb Mv Drives

Name of the Vulnerable Software and Affected Versions: ABB MV Drives affected versions not specified Description: A denial-of-service DoS issue could incapacitate industrial processes, leading to operational delays and financial losses. Recommendations: At the moment, there is no information abou...

[SECURITY] Fedora 40 Update: rust-idna_adapter-1.2.0-1.fc40

Back end adapter for idna...

CVE-2025-32439

pleezer is a headless Deezer Connect player. Hook scripts in pleezer can be triggered by various events like track changes and playback state changes. In versions before 0.16.0, these scripts were spawned without proper process cleanup, leaving zombie processes in the system's process table. Even...

CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet

This fact sheet addresses key elements for operational technology OT owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers PLCs, human-machine interfaces HMIs, and remote terminal units RTUs. CISA strongly advises...

Huawei PCs Authentication Bypass Vulnerability

Huawei PCs are a line of computers from the Chinese company Huawei. Huawei PCs suffer from an authentication bypass vulnerability that originates from a low-privileged user being able to bypass SDDL privilege checks, which can be exploited by an attacker to cause certain system processes to...

CVE-2025-32439

pleezer is a headless Deezer Connect player. Hook scripts in pleezer can be triggered by various events like track changes and playback state changes. In versions before 0.16.0, these scripts were spawned without proper process cleanup, leaving zombie processes in the system's process table. Even...

CVE-2025-32439 pleezer allows resource exhaustion through uncollected hook script processes

pleezer is a headless Deezer Connect player. Hook scripts in pleezer can be triggered by various events like track changes and playback state changes. In versions before 0.16.0, these scripts were spawned without proper process cleanup, leaving zombie processes in the system's process table. Even...