1154 matches found
USN-6386-2: Linux kernel (Raspberry Pi) vulnerabilities
Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...
USN-6348-1: Linux kernel vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...
USN-6346-1: Linux kernel (Raspberry Pi) vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...
RaspAP Unauthenticated Command Injection
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...
RaspAP 2.8.7 Unauthenticated Command Injection Exploit
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Security Breach
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A security vulnerability exists in several Codesys products due to a failure to perform filtering on certain file types. The following products and versions are affected: CODESYS...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Buffer Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A buffer error vulnerability exists in several Codesys products, which stems from a specially crafted remote communication request that could cause the CmpAppBP component to overwrite...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
RaspAP Command Injection Vulnerability
RaspAP is a simple wireless AP setup and management for Debian-based devices. A security vulnerability exists in RaspAP versions 2.8.0 through 2.9.2 that stems from the presence of a command injection vulnerability. Allows an attacker to execute arbitrary commands as root via the POST parameter...
USN-6251-1: Linux kernel vulnerabilities
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems. These sophisticated attacks exploit a critical...
OESA-2023-1353 kernel security update
The Linux Kernel image for RaspberryPi. Security Fixes: An issue was discovered in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASKRUNNING. In dvbfrontendgetevent, waiteventinterruptible is called; the condition is...
OESA-2023-1352 kernel security update
The Linux Kernel image for RaspberryPi. Security Fixes: A use after free flaw was found in hfsplusputsuper in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.CVE-2023-2985...
OESA-2023-1351 kernel security update
The Linux Kernel image for RaspberryPi. Security Fixes: An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190remove in drivers/power/supply/bq24190charger.c. It could allow a local attacker to crash the system due to a race condition.CVE-2023-33288...