208 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from kernel.randomizevaspace double read...
SolarWinds Web Help Desk < 12.8.3 HF 1 Deserialization RCE
The version of SolarWinds Web Help Desk installed on the remote host is prior to 12.8.3 HF1. It is, therefore, affected by a remote code execution vulnerability, that, if exploited, would allow an attacker to run commands on the host machine. Note that Nessus has not tested for these issues but h...
CVE-2023-52888 media: mediatek: vcodec: Only free buffer VA that is not NULL
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtkvcodecmemfree is mostly called only when the buffer to free exists, there are some instances that didn't do the check and...
CVE-2023-52888 media: mediatek: vcodec: Only free buffer VA that is not NULL
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtkvcodecmemfree is mostly called only when the buffer to free exists, there are some instances that didn't do the check and...
CVE-2023-52888
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtkvcodecmemfree is mostly called only when the buffer to free exists, there are some instances that didn't do the check and...
CVE-2023-52888
CVE-2023-52888 is a Linux kernel vulnerability affecting the MediaTek vcodec driver, where vcodec memory free operations may attempt to free a NULL VA without proper checks. The root cause is an unguarded path in mtk_vcodec_mem_free() that can trigger warnings and, in practice, exposes a potentia...
Security Bulletin: Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-22473. CVE-2021-38951)
Summary Multiple Security Vulnerabilities in the IBM WebSphere Application Server product as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details CVEID:CVE-2022-22473 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 coul...
smilebydesignva.com Improper Access Control vulnerability OBB-3860466
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mechanicsville-va.findstoragefast.com Cross Site Scripting vulnerability OBB-3853506
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
rehab.research.va.gov Cross Site Scripting vulnerability OBB-3839863
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
lyon.onvasortir.com Cross Site Scripting vulnerability OBB-3785534
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] Fedora 39 Update: gstreamer1-vaapi-1.22.7-1.fc39
A collection of GStreamer plugins to let you make use of VA API video acceleration from GStreamer applications. Includes elements for video decoding, display, encoding and post-processing using VA API subject to hardware limitations...
Hive Pro Unveils Revolutionary Platform Uni5 Xposure, Elevating the Potential of Threat Exposure Management
HERNDON, VA., Oct. 10, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management today announced the highly-anticipated release of their new platform Uni5 Xposure, which debuts live at the GITEX GLOBAL trade show in Dubai, UAE and at Triangle InfoSec Conference in North Carolina, USA. Uni5...
va-studiodesign.com Cross Site Scripting vulnerability OBB-3588456
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
niel.n-va.be Cross Site Scripting vulnerability OBB-3531721
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
citrixaccesseast.va.gov Cross Site Scripting vulnerability OBB-3494085
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
IBM Security Directory Suite VA File Upload Vulnerability
IBM Security Directory Suite is a scalable, standards-based identity platform from International Business Machines IBM that simplifies identity and directory management. A file upload vulnerability exists in IBM Security Directory Suite VA, which can be exploited by an attacker to upload maliciou...
CVE-2022-33166
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586...
Design/Logic Flaw
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586...
CVE-2022-32752
CVE-2022-32752 affects IBM Security Directory Suite VA 8.0.1 through 8.0.1.19. A remote authenticated attacker can execute arbitrary commands on the system by sending a specially crafted request. IBM’s advisory and related sources identify the affected product and provide a fix: update to IBM Sec...