CVE-2019-18874

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

AZL-6810 CVE-2019-18874 affecting package python-psutil for versions less than 5.9.0-1

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

ALPINE-CVE-2019-18874

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

Double free

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

UBUNTU-CVE-2019-18874

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

CVE-2019-18874

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

CVE-2019-18874

psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

CVE-2019-18874

CVE-2019-18874 affects the Python module psutil (python-psutil). The issue is a double free caused by refcount mishandling in loops that convert system data into Python objects, as reported up to version 5.6.5 (and referenced in later advisories noting fixes in newer releases). Connected sources ...

py-psutil -- double free vulnerability

ret2libc reports: psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object...

CVE-2019-13557

In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information...

CVE-2019-8159

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with system data manipulation privileges can execute aribitrary code through arbitrary file deletion and OS command injection...

Remote Code Execution

Sonatype Nexus Repository Manager is vulnerable to remote code execution. An attacker with administrative access to NXRM is able to create repositories that can grant access to read/execute system data outside the scope of NXRM...

How to steal a million (of your data)

Any user data — from passwords for entertainment services to electronic copies of documents — is highly prized by intruders. The reason is simply that almost any information can be monetized. For instance, stolen data can be used to transfer funds to cybercriminal accounts, order goods or service...

Vulnerabilities fixed in libxslt

Suse has fixed vulnerabilities in libxslt. The vulnerabilities allow a locally authorized malicious person to obtain obtain system data. -= SUSE =- SUSE has made updates available to address the vulnerabilities fixes in SUSE 12. You can install these custom packages using 'YaST'. You can also...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to access potentially sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms. An attacker could...

Cisco Integrated Management Controller Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to access potentially sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms. An attacker could...

Vulnerability fixed in glib

A vulnerability has been fixed for Glib in Ubuntu. The vulnerabilities allow a malicious person to perform attacks that lead to the following categoriesn of damage: - Denial-of-Service DoS; - Manipulation of data; - Circumvention of security measure; - Access to sensitive data; - Access to system...

The vulnerability of Intel Core processors lies in the lack of protection for system data, which allows attackers to exploit this to disclose confidential information.

The vulnerability of Intel Core processors is related to the lack of protection for system data. Exploiting this vulnerability can allow attackers to disclose the protected information...

CB TAU Threat Intelligence Notification: HopLight Campaign (Linked to North Korea) is Reusing Substantial Amount of Code

On April 10, 2019 the US Department of Homeland Security DHS released a Malware Analysis Report MAR-10135536-8 which detailed the trojan HopLight. HopLight has been linked to different North Korean DPRK campaigns also known as the Lazarus Group. The CB Threat Analysis Unit TAU has continued to...

CVE-2018-13295

Information exposure vulnerability in SYNO.Personal.Application.Info in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the version parameter...