Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

Talos discovers 11 vulnerabilities between Microsoft, Adobe software disclosed on Patch Tuesday

Eight of the vulnerabilities affect the license update feature for CLIPSP.SYS, a driver used to implement Client License System Policy on Windows 10 and 11.

TALOS
#vulnerability#web#windows#microsoft#cisco#dos#java#intel#rce#pdf
K7 Ultimate Security NULL Pointer Dereference

In K7 Ultimate Security versions prior to 17.0.2019, the driver file (K7RKScan.sys - this version 15.1.0.7) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of a null pointer dereference from IOCtl 0x222010 and 0x222014. At the same time, the drive is accessible to all users in the "Everyone" group.

Debian Security Advisory 5748-1

Debian Linux Security Advisory 5748-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Red Hat Security Advisory 2024-5365-03

Red Hat Security Advisory 2024-5365-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free and null pointer vulnerabilities.

Red Hat Security Advisory 2024-5364-03

Red Hat Security Advisory 2024-5364-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free, memory leak, and null pointer vulnerabilities.

Red Hat Security Advisory 2024-5338-03

Red Hat Security Advisory 2024-5338-03 - An update for pcs is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Microsoft CLFS.sys Denial of Service

CVE-2024-6768 is a vulnerability in the Common Log File System (CLFS.sys) driver of Windows, caused by improper validation of specified quantities in input data. This flaw leads to an unrecoverable inconsistency, triggering the KeBugCheckEx function and resulting in a Blue Screen of Death (BSoD). The issue affects all versions of Windows 10 and Windows 11, Windows Server 2016, Server 2019 and Server 2022 despite having all updates applied. This Proof of Concept (PoC) shows that by crafting specific values within a .BLF file, an unprivileged user can induce a system crash.

Ubuntu Security Notice USN-6959-1

Ubuntu Security Notice 6959-1 - It was discovered that .NET suffered from an information disclosure vulnerability. An attacker could potentially use this issue to read targeted email messages.

Red Hat Security Advisory 2024-5337-03

Red Hat Security Advisory 2024-5337-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2024-5329-03

Red Hat Security Advisory 2024-5329-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass, out of bounds read, and use-after-free vulnerabilities.