EUVD-2002-0822

Malware in sbrugna...

EUVD-2018-6551

Malware in sbrugna...

CVE-2019-3975

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from an incorrect boundary check in rpcmsghandler and related handlers in drivers/misc/mediatek/ecci/portrpc.c, where an out-of-bounds write may exist...

PT-2024-10663 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible out of bounds write in the rpc msg handler and related handlers of drivers/misc/mediatek/eccci/port rpc.c due to an...

PT-2024-10651 · Mediatek · Drivers/Misc/Mediatek/Eccci/Port Rpc.C

Name of the Vulnerable Software and Affected Versions: drivers/misc/mediatek/eccci/port rpc.c affected versions not specified Description: The issue is related to an incorrect bounds check in the rpc msg handler and related handlers, which could lead to a possible out of bounds write. This could...

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

Design/Logic Flaw

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ALSA-2023:0300 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: watch queue race condition can lead to privilege escalation CVE-2022-2959 kernel: memory corruption in AX88179178A based USB...

RHEL 9 : kpatch-patch (RHSA-2022:9082)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:9082 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

CVE-2022-26662

An XML Entity Expansion XEE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform Command Line Client proteus 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...

CVE-2021-22019

The vCenter Server contains a denial-of-service vulnerability in VAPI vCenter API service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition...

CVE-2021-22008

The vCenter Server contains an information disclosure vulnerability in VAPI vCenter API service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information...

GO-2021-0075 Panic due to improper validation of RPC messages in github.com/ethereum/go-ethereum

Due to improper argument validation in RPC messages, a maliciously crafted message can cause a panic, leading to denial of service...

Updated kernel-linus packages fix security issues

This kernel-linus update is based on upstream 5.10.25 and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRMIOCTLNOUVEAUCHANNELALLOC. This...