Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004338 advisory. A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource...

EUVD-2012-0071

Malware in sbrugna...

EUVD-2023-53535

Malicious code in bioql PyPI...

FreeBSD : x11vnc -- access to shared memory segments (305ceb2c-9df8-11ef-a660-d85ed309193e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 305ceb2c-9df8-11ef-a660-d85ed309193e advisory. [email protected] reports: scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access ...

MGASA-2024-0292 Updated apr packages fix security vulnerability

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. CVE-2023-49582...

CVE-2023-49582

A flaw was found in the Apache Portable Runtime APR library. This issue allows local users to read named shared memory segments due to incorrect permissions, potentially revealing sensitive application data...

CVE-2023-49582

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h Users are...

kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS...

Ubuntu 14.04 LTS / 16.04 LTS : X.Org X server vulnerabilities (USN-3453-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3453-1 advisory. Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either...

USN-3453-1: X.Org X server vulnerabilities

Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly replace shared memory segments of other X clients in the same session...

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:183)

Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java...

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130620)

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470, CVE-2013-2471, CVE-2013-247...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : qt4-x11 vulnerabilities (USN-1723-1)

Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS, and...

CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions world-readable and world-writable for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrat...

Code injection

Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors...

FreeBSD : chromium -- multiple vulnerabilities (46bd747b-5b84-11e2-b06d-00262d5ed8ee)

Google Chrome Releases reports : 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...