146 matches found
CVE-2022-48518
CVE-2022-48518 concerns Huawei HarmonyOS’ iaware startup trustlist. The connected records describe a vulnerability where the signature verification service is initialized later than system broadcasts, allowing manipulation that could cause malicious apps to start at power-on by spoofing package n...
CVE-2022-48518
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, whi...
CVE-2022-48518
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, whi...
Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2049)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K000134496: Jettison vulnerability CVE-2022-45685
Security Advisory Description A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data. CVE-2022-45685 Impact System performance degradation can occur until the process is forced to restart. This vulnerability allows an attacker to cause a...
Siemens Tecnomatix Plant Simulation Memory Corruption Vulnerability
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A memory corruption vulnerability exists in versions...
K22505850: BIG-IP and BIG-IQ iControl REST vulnerability CVE-2022-41770
Security Advisory Description An authenticated iControl REST user can cause an increase in memory resource utilization, through undisclosed requests. CVE-2022-41770 Impact BIG-IP and BIG-IQ System performance degradation can occur until the process is either forced to restart or manually restarte...
K99123750: BIG-IP Stream profile vulnerability CVE-2022-28701
Security Advisory Description When the stream profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.CVE-2022-28701 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either forced to restart ...
K43024307: BIG-IP iRules vulnerability CVE-2022-41624
Security Advisory Description When a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-41624 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either forced to restart or...
K29146534: SSB Variant 4 vulnerability CVE-2018-3639
Security Advisory Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel...
K23454411: DNS profile vulnerability CVE-2022-26372
Security Advisory Description When a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-26372 Impact System performance can degrade until the Traffic Management Microkernel TMM process is...
K54252492: Side-channel processor vulnerability CVE-2018-3693
Security Advisory Description Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. CVE-2018-3693 also known as Spectre ...
K11742742: iControl REST vulnerability CVE-2022-23023
Security Advisory Description Undisclosed requests by an authenticated iControl REST user can cause an increase in memory resource utilization. CVE-2022-23023 Impact System performance can degrade until the process is either forced to restart or is manually restarted. This vulnerability allows an...
Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-1401)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malwarebytes earns AV-TEST Top Product awards for fifth consecutive quarter
AV-TEST, a leading independent tester of cybersecurity solutions, has just ranked Malwarebytes as a Top Product for consumers and businesses for the fifth quarter in a row. Every two months, experts at AV-Test evaluate Windows antivirus software across three categories: Protection against malware...
K56412001: BIG-IP SSL OCSP Authentication profile vulnerability CVE-2023-22323
Security Advisory Description When OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2023-22323 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either forced to...
Unbreakable Enterprise kernel security update
5.4.17-2136.315.5 - Revert 'xfs: Lower CIL flush limit for large logs' Sherry Yang Orabug: 34917369 - Revert 'xfs: Throttle commits on delayed background CIL push' Sherry Yang Orabug: 34917369 - Revert 'xfs: fix use-after-free on CIL context on shutdown' Sherry Yang Orabug: 34917369...
Fedora 36 : sysstat (2022-dbe48a4bc7)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-dbe48a4bc7 advisory. Security fix for CVE-2022-39377 - arithmetic overflow in allocatestructures on 32 bit systems Tenable has extracted the preceding description block directly...
Open redirect
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search UDS of SAP NetWeaver Process Integration PI - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized...
CVE-2022-41272
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search UDS of SAP NetWeaver Process Integration PI - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized...