CVE-2024-42501

ArubaOS is affected by an authenticated Path Traversal vulnerability (CVE-2024-42501). The issue allows a remote attacker, with network access and high privileges, to install unsigned packages on the underlying OS and execute arbitrary code or implant software. The vulnerability source is ArubaOS...

ArubaOS 安全漏洞

ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba, USA. A security vulnerability exists in ArubaOS. An attacker could exploit the vulnerability by installing unsigned software packages on the underlying...

RHSA-2022:5099 Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

Bulletin has no description...

RHSA-2022:5095 Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

Bulletin has no description...

RHSA-2022:5096 Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

Bulletin has no description...

CBL Mariner 2.0 Security Update: shim / shim-unsigned-aarch64 / shim-unsigned-x64 (CVE-2023-40548)

The version of shim / shim-unsigned-aarch64 / shim-unsigned-x64 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40548 advisory. - A buffer overflow was found in Shim in the 32-bit system. The...

CBL Mariner 2.0 Security Update: shim / shim-unsigned-aarch64 / shim-unsigned-x64 (CVE-2023-40549)

The version of shim / shim-unsigned-aarch64 / shim-unsigned-x64 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40549 advisory. - An out-of-bounds read flaw was found in Shim due to the lack of...

CVE-2024-45281

SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This...

SAP BusinessObjects Business Intelligence Platform 代码问题漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

CVE-2023-40550 affecting package shim-unsigned-x64 for versions less than 15.8-1

CVE-2023-40550 affecting package shim-unsigned-x64 for versions less than 15.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-1

CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-40549 affecting package shim-unsigned-x64 for versions less than 15.8-1

CVE-2023-40549 affecting package shim-unsigned-x64 for versions less than 15.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-1

CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-40548 affecting package shim-unsigned-x64 for versions less than 15.8-1

CVE-2023-40548 affecting package shim-unsigned-x64 for versions less than 15.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-45056

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

CVE-2024-45056 `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

SUSE CVE-2022-48938

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

CVE-2022-48938

An integer overflow vulnerability was found in the Linux Kernel. When a broken device gives an extreme offset, the current implementation of sanity checks will overflow, resulting in loss of availability of the system. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2022-48938

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

DEBIAN-CVE-2022-48938

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...