by EGI CSIRT | Jul 28, 2022 | Advisories, News
Vulnerabilities CVE-2021-22040 and CVE-2021-22041 have been reported for the following programs: VMware ESX 6.5, 6.7, 7.0VMware Workstation 16.x < v16.2.1VMware Fusion 12.x < v12.2.1 Updates are available that contain a fix for those vulnerabilities. Details can...
by EGI CSIRT | Jul 7, 2022 | Advisories, News
A flaw was found in the way the “flags” member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could...
by EGI CSIRT | May 25, 2022 | Advisories, News
Slurm has fixed 3 vulnerabilities in their new release, including CVE-2022-29500 in the authentication handling which may allow un unprivileged user to impersonate the SlurmUser account. This vulnerability is considered as critical. The fix is available in versions...
by EGI CSIRT | May 13, 2022 | Advisories, News
2 flaws were found in the linux kernel (CVE-2021-4028, CVE-2021-4083). Both may allow privilege escalation on the system. Eventhough the exploit is not very likely to happen, sites are advised to upgrade the kernel asap. SVG advisory is published on this...
by EGI CSIRT | May 1, 2022 | Advisories, News
Vulnerabilities have been found concerning the expat XML parser, including two which may lead to arbitrary code execution (CVE-2022-25235, CVE-2022-25236). The expat XML parser is a library, written in C, which is a dependency for various other software. Details are...
by EGI CSIRT | Apr 26, 2022 | Advisories, News
A vulnerability has been found in Java (CVE-2022-21449), involving Improper Verification of Cryptographic Signature. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data. The details can be...
Recent Comments