616 matches found
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
fgt-cve-2023-27997-exploit FortiGate SSL‑VPN CVE‑2023‑279...
Linux Distros Unpatched Vulnerability : CVE-2022-48994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel contr...
EulerOS 2.0 SP12 : pam (EulerOS-SA-2025-1194)
According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers ...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
PoC exploit for CVE-2025-0282, a remote unauthenticated stack-ba...
pam: libpam: Libpam vulnerable to read hashed password
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
cve-2024-21762-poc CVE-2024-21762 is a critical vulnerability...
SUSE CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
AZL-51693 CVE-2024-10041 affecting package pam for versions less than 1.5.1-7
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041 Pam: libpam: libpam vulnerable to read hashed password
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041
CVE-2024-10041 describes a PAM vulnerability where secret information is kept in memory and can be leaked during authentication by triggering speculative execution via stdin, potentially exposing passwords (e.g., in /etc/shadow). Connected advisories confirm PAM updates and patches across distrib...
CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041 Pam: libpam: libpam vulnerable to read hashed password
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-10041 Pam: libpam: libpam vulnerable to read hashed password
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994
CVE-2022-48994 affects the Linux kernel ALSA sequencing path. The issue arises from a prototype mismatch: seq_copy_in_user() and seq_copy_in_kernel() did not match snd_seq_dump_func_t, leading to -Wcast-function-type-strict checks with Clang. The patch fixes the function prototypes and removes ca...