CVE-2022-25681

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

[SECURITY] Fedora 35 Update: bcel-6.4.1-10.fc35

The Byte Code Engineering Library formerly known as JavaClass is intended to give users a convenient possibility to analyze, create, and manipulate binary Java class files those ending with .class. Classes are represented by objects which contain all the symbolic information of the given class:...

[SECURITY] Fedora 36 Update: bcel-6.4.1-10.fc36

The Byte Code Engineering Library formerly known as JavaClass is intended to give users a convenient possibility to analyze, create, and manipulate binary Java class files those ending with .class. Classes are represented by objects which contain all the symbolic information of the given class:...

[SECURITY] Fedora 37 Update: bcel-6.5.0-3.fc37

The Byte Code Engineering Library formerly known as JavaClass is intended to give users a convenient possibility to analyze, create, and manipulate binary Java class files those ending with .class. Classes are represented by objects which contain all the symbolic information of the given class:...

Fedora: Security Advisory for bcel (FEDORA-2022-0e358addb8)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AWS Graviton Processor Support on Insight Agent

By Marco Botros Marco is a Technical Product Manager for Platform at Rapid7. We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor, including Amazon Linux, Redhat, and Ubuntu...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking found in isp, which may allow out-of-bounds writes...

AMI MegaRAC 授权问题漏洞

AMI MegaRAC is a family of service processor products from AMI. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. AMI MegaRAC has an authorization issue...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking found in isp, which may allow out-of-bounds writes...

AMI MegaRAC 授权问题漏洞

AMI MegaRAC is a family of service processor products from AMI. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. AMI MegaRAC has an authorization issue...

The vulnerability of Google Chrome’s graphics processor allows a hacker to escape from the isolated software environment.

The vulnerability of the Google Chrome browser’s graphics processor is related to buffer overflow in the heap. Exploiting this vulnerability can allow a remote attacker to escape from the isolated software environment...

SUSE-SU-2022:4221-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. bsc1203868 - CVE-2022-42252: Fixed a request smuggling bsc1204918...

The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in filtering user code within the XML tag processor. This allows attackers to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in filtering user code within the XML tag handler. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by unknown CVE via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: unknown CVE Source advisory: OSV:GHSA-XF83-Q765-XM6M...

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-41910 via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-41910 Source advisory: OSV:GHSA-FRQP-WP83-QGGV...

NXP Semiconductors i.MX SoC 安全漏洞

The NXP Semiconductors i.MX SoC is a multi-core solution for multimedia and display applications from NXP Semiconductors of the Netherlands, featuring scalable, secure and reliable high performance and low power consumption. A security vulnerability exists in the NXP Semiconductors i.MX SoC that,...

SUSE-SU-2022:4009-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. bsc1203868...

CVE-2022-20943

Multiple vulnerabilities in the Server Message Block Version 2 SMB2 processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS condition on an affected device. These...

CVE-2022-20922

Multiple vulnerabilities in the Server Message Block Version 2 SMB2 processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS condition on an affected device. These...

Design/Logic Flaw

Multiple vulnerabilities in the Server Message Block Version 2 SMB2 processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS condition on an affected device. These...