ZDI-23-1644: Microsoft Windows win32kfull UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-23-1645: Microsoft Windows win32kfull UMPDDrvBitBlt Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-23-1646: Microsoft Exchange GsmWriter Deserialization of Untrusted Data NTLM Relay Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition or relay NTLM credentials on affected installations of Microsoft Exchange. Authentication is required to exploit...
xen-4.17.2-5.fc38
FEDORA-2023-56901a79a1 Packages in this update: xen-4.17.2-5.fc38 Update description: x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835] x86: BTC/SRSO fixes not fully effective [XSA-446,...
DSA-5555-1 openvpn – security update
Two vulnerabilities were discovered in openvpn, a virtual private network application which could result in memory disclosure or denial of service. The oldstable distribution (bullseye)...
DSA-5556-1 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. https://security-tracker.debian.org/tracker/DSA-5556-1 Read More
DSA-5555 openvpn – security update
Two vulnerabilities were discovered in openvpn, a virtual private network application which could result in memory disclosure or denial of service. Read More
xen-4.17.2-5.fc39
FEDORA-2023-fa01e4c6ba Packages in this update: xen-4.17.2-5.fc39 Update description: x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835] x86: BTC/SRSO fixes not fully effective [XSA-446,...
Microsoft Patch Tuesday, November 2023 Edition
Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities...
USN-6479-1: Linux kernel (OEM) vulnerabilities
Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker...