by EGI CSIRT | Jan 24, 2024 | Advisories, News
An array indexing vulnerability CVE-2023-42753 was found in the netfilter subsystem of the Linux kernel, which may allow a local user to crash the system or potentially escalate their privileges on the system. PoC for this vulnerability is publicly available. Details...
by EGI CSIRT | Nov 22, 2023 | Advisories, News
A security vulnerability CVE-2023-23583 was found in some Intel processors potentially allowing privilege escalation, information disclosure and/or a denial of service via local access. See more about this vulnerability in our SVG Advisory.
by EGI CSIRT | Nov 15, 2023 | Advisories, News
HIGH risk buffer overflow vulnerability CVE-2023-4911 in GNU C Library’s dynamic loader ld.so which may lead to privilege escalation. [R 1] [R 2]. This affects RHEL8, RHEL9 and derivatives, but not RHEL7. More about this vulnerability and how to mitigate it, can be...
by EGI CSIRT | Nov 15, 2023 | Advisories, News
A HIGH risk vulnerability has been found concerning INDIGO-IAM where a user may be granted rights to which they are not entitled. Effectively this is a privilege escalation vulnerability. This is fixed in INDIGO-IAM version 1.8.1p2 and 1.8.2p2. More about this...
by EGI CSIRT | Nov 13, 2023 | Advisories, News
Multiple HIGH risk race condition vulnerabilities concerning Slurm (CVE-2023-41914) were found which may result in the user taking ownership of an arbitrary file on the system. This has been fixed in Slurm versions 23.02.6 and 22.05.10. Sites using a vulnerable...
by EGI CSIRT | Oct 23, 2023 | Advisories, News
Multiple (also critical) vulnerabilities were found in Cisco IOS XE Software Web UI that effect devices with HTTP in HTTPS protocols enabled and exposed to the Internet. The most critical is vulnerability CVE-2023-20198 with CVSS score 10.0, which allows a remote,...
Recent Comments