Fedora 39 : efifs (2024-69933b0732)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-69933b0732 advisory. - Update bundled edk2 to 20240524 2284243 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

The vulnerability of the Apex One NT RealTime Scan anti-virus software programs Trend Micro Apex One and Apex One as a Service allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Apex One NT RealTime Scan antivirus software programs Trend Micro Apex One and Apex One as a Service is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges and execute...

The vulnerability of the Apex One NT RealTime Scan anti-virus software programs Trend Micro Apex One and Apex One as a Service allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Apex One NT RealTime Scan antivirus software programs Trend Micro Apex One and Apex One as a Service is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary...

Harbor SQL Injection Vulnerability

Harbor is an open source registry from Harbor Open Source. Artifacts are protected through policies and role-based access control, ensuring that images are scanned and free of vulnerabilities, and signing images as trusted. A SQL injection vulnerability exists in Harbor v2.8.4, v2.9.2, and v2.10....

The vulnerability of the Damage Cleanup Engine of the Trend Micro Common Client Real-time Scan antivirus software, including the Apex One and Apex One as a Service solutions, allows a malicious actor to trigger a service failure.

The vulnerability of the Damage Cleanup Engine of the Trend Micro Common Client Real-time Scan antivirus software, specifically Apex One and Apex One as a Service, is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow an attacker to...

The vulnerability of the Apex One NT RealTime Scan anti-virus software programs Trend Micro Apex One and Apex One as a Service allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Apex One NT RealTime Scan antivirus software programs Trend Micro Apex One and Apex One as a Service is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

Exploit for OS Command Injection in Php

PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Debt collection agency FBCS leaks information of 3 million US citizens

The US debt collection agency Financial Business and Consumer Solutions FBCS has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of i...

CVE-2024-36943

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user space...

CVE-2023-43545 Integer Overflow or Wraparound in WLAN HOST

Memory corruption when more scan frequency list or channels are sent from the user space...

RHEL 5 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - The System Security Services Daemon...

Fedora 39 : python3.6 (2024-18b9c9b9cf)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-18b9c9b9cf advisory. Security fix for CVE-2024-0450 and CVE-2023-6597 Tenable has extracted the preceding description block directly from the Fedora security advisory...

DEBIAN-CVE-2024-36943

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...

CVE-2024-36943

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...

UBUNTU-CVE-2024-36943

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...

CVE-2024-36943

CVE-2024-36943 affects the Linux kernel’s pagemap/proc task_mmu path. The issue arises in the pattern used by make_uffd_wp_pte() where interleaving reads and writes could lose young/dirty bits during a pagemap scan, due to a race around ptep_modify_prot_start() and subsequent updates. The documen...