443 matches found
K35205264: Linux kernel vulnerability CVE-2018-10938
Security Advisory Description A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-servic...
SUSE CVE-2013-1920
Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module XSM is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to injec...
SUSE CVE-2015-3631
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...
CVE-2022-46569
D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module...
CVE-2022-41617
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface...
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability...
Design/Logic Flaw
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability...
PT-2022-25956 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The security module has configuration defects. Successful exploitation of this issue may affect system availability. Recommendations: At the moment, there is no information about a...
PT-2022-33885 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to a problem in the crypto: hisilicon/sec module where the system does not sleep when in softirq. The actual impact and attack plausibility have not yet been proven...
CVE-2022-38979
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. A configuration error vulnerability exists in Huawei HarmonyOS, which stems from a configuration flaw in the security OS module. An attacker could exploit this vulnerability to cause confidentiality to be compromised...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
HUAWEI HarmonyOS security module authorization issue vulnerability
HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from an incorrect privilege assignment in the application security module, which could be exploited by an attacker to cause the device to...
CVE-2021-38266
The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign ...
Code injection
The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign ...
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...
WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. The optional feature,...
Vulnerability of the RouterOS operating system’s /ram/pckg/security/nova/bin/ipsec process, allowing a hacker to trigger a service failure
The vulnerability of the /ram/pckg/security/nova/bin/ipsec” function in the RouterOS operating system is related to the use of the “assert” or similar operator. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...