635 matches found
CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...
PT-2025-49732
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-319.el9.x86 64 1 Description The Linux kernel contained an issue where devlink port type warn would schedule a warning when a devlink port type was not set, but the warning did not clearly indicate which...
The vulnerability of the warn-proceed handler component of the Sophos Web Appliance (SWA) security and management device allows a perpetrator to execute arbitrary commands.
The vulnerability of the warn-proceed handler component of the Sophos Web Appliance SWA security and management device for web devices is related to the lack of measures to sanitize input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...
CVE-2023-1671
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...
PT-2023-33148 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue provides a little extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...
PT-2023-33314 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue provides extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33410 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.268 Description: The issue provides a little extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2023-33243 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: The issue provides a little extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
reactor-netty-http: Log request headers in some cases of invalid HTTP requests
A flaw was found in the Reactor Netty HTTP Server, which may log request headers in some cases of invalid HTTP requests. This could allow an attacker to access privileged information when WARN level logging is enabled...
kernel: net: preserve skb_end_offset() in skb_unclone_keeptruesize()
In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...
kernel: exec: Force single empty string when argv is empty
In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...
CVE-2022-31684
A flaw was found in the Reactor Netty HTTP Server, which may log request headers in some cases of invalid HTTP requests. This could allow an attacker to access privileged information when WARN level logging is enabled...
Invalid HTTP requests in Reactor Netty HTTP Server may reveal access tokens
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may request log headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...
GHSA-7W4X-4H67-PGMV Invalid HTTP requests in Reactor Netty HTTP Server may reveal access tokens
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may request log headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...
CVE-2022-31684
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...
GSD-2022-1003455 KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2
KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.45 by commit...
Accellion Supply Chain Hack
A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. Theres much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. The governor of New Zealands central...
kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure
A flaw was found in the Linux kernel's video driver. A kernel pointer lead, due to a WARNON statement could lead to a local information disclosure with system execution privileges. User interaction is not needed for exploitation. The highest threat from this vulnerability is to data confidentiali...
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler There is a missing address check in both showopcodes callers. showopcodes is mostly used by the kernel to print the raw instruction bytes surrounding an instruction that generated an unexpected exception;...
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
There is a missing address check in both showopcodes callers. showopcodes is mostly used by the kernel to print the raw instruction bytes surrounding an instruction that generated an unexpected exception; however, sometimes it is also used to print userspace instructions. Because the userspace...