EUVD-2016-0722

Malware in sbrugna...

Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-53150 CVSS score: 7.8 - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure...

The vulnerability of the sub-component of the Oracle Commerce Platform component, a e-commerce platform, allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the sub-component of the Oracle Commerce Platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protocol...

The vulnerability of the Templates sub-component of Oracle Application Technology, a system for automating business processes in enterprises, allows attackers to gain access to confidential information.

The vulnerability of the Templates sub-component in Oracle Application Technology, a system for automating business operations in enterprises, related to insufficient protection of operational data. Exploiting this vulnerability could allow unauthorized actors to gain access to confidential...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0474-1)

"The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0474-1 advisory. - Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux filesystem modules allows Forced Integer Overflow.This...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0476-1)

"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0476-1 advisory. - Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux filesystem modules allows Forced Integer Overflow.This issue affec...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

Design/Logic Flaw

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

Null pointer dereference

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

Design/Logic Flaw

A use-after-free flaw was found in mt7921checkoffloadcapability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a...

CVE-2023-2162

A use-after-free vulnerability was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information...

CVE-2023-2162

A use-after-free flaw was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information. Mitigation This flaw can be mitigated by preventing the affected iscsitcp.ko kernel module...

CVE-2023-1583

A NULL pointer dereference was found in iofilebitmapget in iouring/filetable.c in the iouring sub-component in the Linux Kernel. When fixed files are unregistered, some context information fileallocstart,end and allochint is not cleared. A subsequent request that has auto index selection enabled...

CVE-2023-1583

A NULL pointer dereference was found in iofilebitmapget in iouring/filetable.c in the iouring sub-component in the Linux Kernel. When fixed files are unregistered, some context information fileallocstart,end and allochint is not cleared. A subsequent request that has auto index selection enabled...

The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component of the Oracle E-Business Suite, a business automation system, allows an attacker to gain access to modify, add, or delete protected data.

The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component in the Oracle E-Business Suite enterprise automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify,...

The vulnerability of the Core sub-component of the Oracle VM VirtualBox allows a hacker to execute arbitrary code.

The vulnerability of the Core sub-component of the Oracle VM VirtualBox exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...