EUVD-2020-24667

Malware in sbrugna...

EUVD-2020-25233

Malware in sbrugna...

EUVD-2024-30963

Malicious code in bioql PyPI...

CVE-2020-3968

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain an out-of-bounds write vulnerability in the USB 3.0 controller xHCI. A malicious actor with local administrati...

CVE-2024-33218

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...

CVE-2024-33218

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...

CVE-2024-33218

The CVE-2024-33218 entry concerns ASUSTeK Computer Inc.’s ASUS USB 3.0 Boost Storage Driver (version 5.30.20.0) and its AsUpIO64.sys component. The vulnerability allows attackers to escalate privileges and execute arbitrary code by sending crafted IOCTL requests, with local attack potential and h...

RHEL 8 : kpatch-patch (RHSA-2023:0499)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0499 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

RHEL 8 : kernel (RHSA-2023:0395)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0395 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: memory corruption in AX8817917...

AlmaLinux 8 : kernel-rt (ALSA-2023:0114)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0114 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

CVE-2022-2964

A flaw was found in the Linux kernel’s driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes...

Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation (cisco-sa-iox-usb-guestshell-WmevScDj)

According to its self-reported version, IOS-XE is affected by a privilege escalation vulnerability due to a vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD. An attacker could exploit this vulnerability by removing the USB 3.0 SSD, modifying or deleting files on the...

CVE-2020-3396

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability...

Design/Logic Flaw

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability...

CVE-2020-3396

The CVE-2020-3396 issue affects Cisco IOS XE Software IOx Guest Shell running on pluggable USB 3.0 SSDs. The root cause is that USB SSD control data is not stored on the device’s internal boot flash, enabling a physical attacker to remove the USB drive, alter or delete files, then reinsert it to ...

CVE-2020-3396 Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation Vulnerability

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability...

CVE-2020-3968

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain an out-of-bounds write vulnerability in the USB 3.0 controller xHCI. A malicious actor with local administrati...

Out-of-bounds

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain an out-of-bounds write vulnerability in the USB 3.0 controller xHCI. A malicious actor with local administrati...

CVE-2020-3968

Summary: CVE-2020-3968 is an out-of-bounds write vulnerability in the USB 3.0 xHCI controller across VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839; 6.7 before 202004101-SG; 6.5 before 202005401-SG), VMware Workstation (15.x before 15.5.5), and VMware Fusion (11.x before 11.5.5). A local VM adm...

CVE-2020-0560

Improper permissions in the installer for the IntelR Renesas ElectronicsR USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access...