92 matches found
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...
EUVD-2020-2451
Malware in sbrugna...
EUVD-2020-11996
Malware in sbrugna...
EUVD-2020-11997
Malware in sbrugna...
EUVD-2024-23511
Malicious code in bioql PyPI...
EUVD-2025-10173
Malicious code in bioql PyPI...
EUVD-2025-10245
Malicious code in bioql PyPI...
Important: pki-deps:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS...
CBL Mariner 2.0 Security Update: cert-manager / helm (CVE-2025-32387)
The version of cert-manager / helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32387 advisory. - Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be...
CVE-2020-0996
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0985...
CVE-2020-0985
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0996...
CVE-2020-1110
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1109...
About Elevation of Privilege ā Windows Process Activation (CVE-2025-21204) vulnerability
About Elevation of Privilege - Windows Process Activation CVE-2025-21204 vulnerability. This vulnerability from the April Microsoft Patch Tuesday was not highlighted by VM vendors in their reviews. It affects the Windows Update Stack component and is related to improper link resolution before fil...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
Improper link resolution before file access 'link following' in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
Improper link resolution before file access 'link following' in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
CVE-2025-21204 affects Windows Update Stack with improper link resolution before file access, enabling local privilege elevation for an authenticated user. Public documentation confirms the vulnerability and that Microsoft released fixes as part of April 2025 updates; patches include OS updates t...
CVE-2025-27475
CVE-2025-27475 is a Windows Update Stack elevation-of-privilege vulnerability. Description: sensitive data stored in improperly locked memory within the Windows Update Stack can enable a locally authenticated attacker to escalate privileges. CVSS v3.1 metrics indicate LOCAL attack vector, HIGH im...