12 matches found
EUVD-2022-41545
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-1077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-023)
The version of kernel installed on the remote host is prior to 5.15.43-20.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-023 advisory. 2024-03-13: CVE-2022-48619 was added to this advisory. 2023-10-12: CVE-2021-3923 was added to this advisor...
SUSE-SU-2022:3463-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_115 fixes several issues. The following security issues were fixed: - CVE-2022-39188: Fixed a race condition between unmap_mapping_range() and munmap() on VM_PFNMAP mappings leads to stale TLB entry (bsc#1203116). - CVE-2022-29581: Fixed an improper Update of...
CVE-2022-38999
The CVE-2022-38999 entry concerns Huawei HarmonyOS AOD module with an improper update of reference counts. The vulnerability allows potential impact to data integrity, confidentiality, and availability. Connected sources (Red Hat, NVD, CVE, CNNVD) reiterate the same root cause and impact, without...
Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-083)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-083 advisory. A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2257)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable...
Design/Logic Flaw
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Reference Count Vulnerability."...
CVE-2013-0076
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Reference Count Vulnerability."...
CVE-2013-0076
The CVE-2013-0076 entry refers to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem (CSRSS) on affected Windows versions. Specifically, CSRSS in Windows 7 (Gold/SP1) and Windows Server 2008 R2 (SP1) mishandles in-memory objects, enabling a local attacker to gain e...
CVE-2010-2549
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigge...
CVE-2010-0176
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors...