Security
Headlines
HeadlinesLatestCVEs

Tag

#dell

Ubuntu Security Notice USN-5920-1

Ubuntu Security Notice 5920-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

Packet Storm
Open in Source
#vulnerability#web#mac#google#amazon#ubuntu#linux#dos#oracle#perl#aws#buffer_overflow#dell#wifi
CVE-2023-25536: DSA-2023-035: Dell PowerScale OneFS Security Updates for Multiple Security Vulnerabilities

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

CVE-2023-25544: DSA-2023-058: Dell NetWorker Security Update for Version Disclosure Vulnerability

Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.

CVE-2023-24253: Security Advisory: Domotica Labs - IKON SERVER

Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability.

CVE-2022-39983: ​​Vulnerability Report - Instant Developer RD3 (CVE-2022-39983)

File upload vulnerability in Instantdeveloper RD3 22.0.8500, allows attackers to execute arbitrary code.

CVE-2023-24575: DSA-2023-043: Dell Multifunction Printer E525w Security Update for a Privilege Escalation Vulnerability

Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system

CVE-2023-23695: DSA-2023-020: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.

Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month. Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs are