226 matches found
CVE-2024-56180 Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution
CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via hessian deserialization rpc protocol. Users c...
USN-7173-3 linux-raspi-5.4 vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...
USN-7173-2: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...
USN-7173-2 linux-aws, linux-aws-5.4, linux-bluefield, linux-ibm, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7173-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7173-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...
Exploit for CVE-2024-49369
CVE-2024-49369 Overview This vulnerability leverages the I...
Moderate: xmlrpc-c security update
XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 CVSS score: 9.8, concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-7003-5)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-5 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-4)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-4 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7029-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7029-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-2)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6999-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 CVSS score: 9.8, has been described as a heap-overflow vulnerability in the DCE/RPC protocol. "A...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-3 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7008-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7008-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7005-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7006-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7006-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-7003-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-2 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-1 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...
Untrusted Query Object Evaluation in RPC API
During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...