1363 matches found
SUSE SLES12 Security Update : apr (SUSE-SU-2024:3429-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3429-1 advisory. - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783 Tenable has extracted the preceding description block direct...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apr (SUSE-SU-2024:3428-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3428-1 advisory. - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783 Tenable has extracted the...
SUSE-SU-2024:3429-1 Security update for apr
This update for apr fixes the following issues: - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783...
SUSE-SU-2024:3428-1 Security update for apr
This update for apr fixes the following issues: - CVE-2023-49582: Fixed an unexpected lax shared memory permissions. bsc1229783...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
SUSE CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2024-46544
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service. Mitigation Mitigation for this issue is either not availabl...
CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
UBUNTU-CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
Apache Tomcat 安全漏洞
Apache Tomcat is a lightweight Web application server from the American Apache Apache Foundation. The program implements support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat that stems from a default privilege error. An attacker exploiting this...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error CVE-2024-41098 In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings CVE-2024-46679...
Amazon Linux 2 : firefox (ALASFIREFOX-2024-030)
The version of firefox installed on the remote host is prior to 115.14.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-030 advisory. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be...
Fedora 39 : apr (2024-318343049c)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-318343049c advisory. This update to the apr package fixes a security issue in the handling of shared memory permissions. SECURITY: CVE-2023-49582: Apache Portable Runtime APR:...
CVE-2024-46689 soc: qcom: cmd-db: Map shared memory as WC, not WB
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...
CVE-2024-46689
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mapping shared memory as WC instead of WB, which could lead to a security outage and an infinite loop in the...
kernel: mm: cachestat: fix two shmem bugs
CVE-2024-35797 is a vulnerability in the Linux kernel’s memory management, specifically affecting the cachestat feature when handling shared memory. The flaw stems from race conditions during operations like swapping or invalidation, which can lead to out-of-bounds memory access or invalid pointe...
The vulnerability of the _umtx_op system call in FreeBSD allows a hacker to execute arbitrary code.
The vulnerability of the umtxop system call in FreeBSD systems is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the UMTXOPSHM operation...
MGASA-2024-0292 Updated apr packages fix security vulnerability
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. CVE-2023-49582...