30 matches found
kernel: xhci: Fix null pointer dereference in remove if xHC has only one roothub
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference in remove if xHC has only one roothub The remove path in xhci platform driver tries to remove and put both main and shared hcds even if only a main hcd exists one roothub This causes a null...
kernel: xhci: Fix null pointer dereference in remove if xHC has only one roothub
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference in remove if xHC has only one roothub The remove path in xhci platform driver tries to remove and put both main and shared hcds even if only a main hcd exists one roothub This causes a null...
The vulnerability of the shared host device Bluetooth function with VMware Workstation and VMware Fusion allows a attacker to execute arbitrary code.
The vulnerability of the shared-host Bluetooth device function with VMware Workstation and VMware Fusion lies in the possibility of buffer overflow attacks based on the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Node.js: Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! Summary: Similar to...
SUSE: Security Advisory (SUSE-SU-2015:0745-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7471
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...
ALPINE-CVE-2018-12435
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ecgroup/ecgroup.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local...
Debian DLA-965-1 : qemu-kvm security update
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2016-9602 Quick EmulatorQemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to ...
Fedora 7 : phpMyAdmin-2.11.5.1-1.fc7 (2008-2874)
This update addresses PMASA-2008-2 / CVE-2008-1567: phpMyAdmin upstream received an advisory from Jim Hermann: It saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host...
phpmyadmin -- Username/Password Session File Information Disclosure
A phpMyAdmin security announcement report: phpMyAdmin saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host...