Race condition

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0468

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0469

A use-after-free flaw was found in iouring/filetable.c in ioinstallfixedfile in the iouring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service...

CVE-2023-0468

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0469

A use-after-free flaw was found in iouring/filetable.c in ioinstallfixedfile in the iouring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service...

CVE-2023-0394

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...

CVE-2023-0394

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...

HCL BigFix Multiple Vulnerabilities (KB0098998)

The version of HCL BigFix Client installed on the remote host is affected by multiple vulnerabilities, including the following: - An improper authentication vulnerability exists in the curl subcomponent which might allow reuse OAUTH2-authenticated connections without properly making sure that the...

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1888 (ALAS-2022-1888)

The version of kernel installed on the remote host is prior to 4.14.299-223.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1888 advisory. In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. Th...

The vulnerability of the Authorization sub-component of the Oracle Public Sector Financials (International) component of the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Authorization sub-component of the Oracle Public Sector Financials International component of the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

The vulnerability of the Accounts sub-component of the Oracle iSupplier Portal, a component of the Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to protected information or compromise data integrity.

The vulnerability of the Accounts sub-component of the Oracle iSupplier Portal, a component of the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

The vulnerability of the Request Management & Workflow sub-component of the Oracle Identity Manager identity management software allows a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Request Management & Workflow sub-component of the Oracle Identity Manager identity management software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

CVE-2022-29581

A use-after-free flaw was found in u32change in net/sched/clsu32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. Mitigation To mitigate this issue, prevent the module clsu32 from...

CVE-2022-25636

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

Tenable SecurityCenter 5.16.0 < 5.19.2 Multiple Vulnerabilities (TNS-2021-17)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.19.2 and is missing a security patch, SC-202110.1. It is therefore, affected by multiple vulnerabilities in the Apache subcomponent of Security Center. Note that successful...

Information Disclosure

lynx is vulnerable to information disclosure. The vulnerability exists due to the system mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

DEBIAN-CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

The vulnerability of the Receipts sub-component of the Oracle Receivables component in the Oracle E-Business Suite system, which allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the Receipts sub-component of the Oracle Receivables component in the Oracle E-Business Suite system is related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the device through HTTP requests...

The vulnerability of the Document Management sub-component of the Oracle Document Management and Collaboration system, a business automation solution from Oracle E-Business Suite, allows an intruder to gain unauthorized access to the device and disclose protected information.

The vulnerability of the Document Management sub-component of the Oracle Document Management and Collaboration component in the Oracle E-Business Suite system relates to coding errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the devi...