Security
Headlines
HeadlinesLatestCVEs

Source

Packet Storm

QuickJob 6.1 Insecure Settings

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#git#java#php#perl#auth#ruby#firefox
Ubuntu Security Notice USN-6924-1

Ubuntu Security Notice 6924-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6921-1

Ubuntu Security Notice 6921-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6923-1

Ubuntu Security Notice 6923-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Telegram For Android Connection::onReceivedData Use-After-Free

Telegram for Android suffers from a use-after-free vulnerability in Connection::onReceivedData.

PowerVR _DevmemXReservationPageAddress() Wrapping Addition Error

PowerVR has an issue where wrapping addition in _DevmemXReservationPageAddress() causes an MMU operation at the wrong address.

PowerVR DevmemXIntMapPages() / DevmemXIntUnmapPages() Integer Overflows

PowerVR has integer overflows in DevmemXIntMapPages() and DevmemXIntUnmapPages(), exploitable as dangling GPU page table entries.

PowerVR PMR Physical Memory Handling Flaw

PowerVR PMR allows physical memory to be freed before GPU TLB invalidation.

Ubuntu Security Notice USN-6922-1

Ubuntu Security Notice 6922-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Chenyuan Yang discovered that the Unsorted Block Images flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service.