Security
Headlines
HeadlinesLatestCVEs

Tag

#ibm

Ubuntu Security Notice USN-6441-1

Ubuntu Security Notice 6441-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service or possibly execute arbitrary code.

Packet Storm
Open in Source
#vulnerability#web#google#microsoft#amazon#ubuntu#linux#dos#oracle#perl#aws#buffer_overflow#ibm
Human Error: Casio ClassPad Data Breach Impacting 148 Countries

By Waqas If you are a Casio ClassPad customer, it is strongly recommended that you change your ClassPad password immediately to protect yourself. This is a post from HackRead.com Read the original post: Human Error: Casio ClassPad Data Breach Impacting 148 Countries

CVE-2022-43892: IBM Security Verify Privilege information disclosure CVE-2022-43892 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a certificate which could disclose sensitive information which could aid further attacks against the system. IBM X-Force ID: 240455.

CVE-2022-43891: IBM Security Verify Privilege information disclosure CVE-2022-43891 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454.

CVE-2022-22385: IBM Security Verify Privilege information disclosure CVE-2022-22385 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962.

CVE-2022-22375: IBM Security Verify Privilege command execution CVE-2022-22375 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.

CVE-2022-43893: ELAN Microelectronics Miniport touchpad Windows driver denial of service CVE-2021-42205 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634.

CVE-2021-38859: IBM Security Verify Privilege information disclosure CVE-2021-38859 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899.

CVE-2021-20581: IBM Security Verify Privilege information disclosure CVE-2021-20581 Vulnerability Report

IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324.

CVE-2022-22377: Security Bulletin: IBM Security Verify Privilege On-Premise is affected by multiple security vulnerabilities

IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827.