EUVD-2016-0722

Malware in sbrugna...

Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-53150 CVSS score: 7.8 - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0474-1)

"The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0474-1 advisory. - Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux filesystem modules allows Forced Integer Overflow.This...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0476-1)

"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0476-1 advisory. - Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux filesystem modules allows Forced Integer Overflow.This issue affec...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

Design/Logic Flaw

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-6039

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

Null pointer dereference

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

Design/Logic Flaw

A use-after-free flaw was found in mt7921checkoffloadcapability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a...

CVE-2023-2162

A use-after-free vulnerability was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information...

CVE-2023-2162

A use-after-free flaw was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information. Mitigation This flaw can be mitigated by preventing the affected iscsitcp.ko kernel module...

CVE-2023-1583

A NULL pointer dereference was found in iofilebitmapget in iouring/filetable.c in the iouring sub-component in the Linux Kernel. When fixed files are unregistered, some context information fileallocstart,end and allochint is not cleared. A subsequent request that has auto index selection enabled...

CVE-2023-1583

A NULL pointer dereference was found in iofilebitmapget in iouring/filetable.c in the iouring sub-component in the Linux Kernel. When fixed files are unregistered, some context information fileallocstart,end and allochint is not cleared. A subsequent request that has auto index selection enabled...

Security Bulletin: Java vulnerability on IBM Storage DS8870 (CVE-2014-0411)

Summary IBM Enterprise Storage DS8870 HMC extensively uses Java, for which a fix is available for a security vulnerability. Vulnerability Details CVEID: CVE-2014-0411 DESCRIPTION: Java is used throughout the DS8870 HMC including the command line interface CLI and graphical user interface GUI and...

FreeBSD : MySQL -- multiple vulnerabilities (22373c43-d728-11e6-a9a5-b499baebfeaf)

The MySQL project reports : - CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component. - CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of mycopystat by REPAIR TABLE to repair a MyISAM table. ...

Oracle GlassFish Server 3.0.1 Unspecified Vulnerability (Jul 2016)

Oracle GlassFish Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-0699

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component...