In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out of bounds when...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devm_request_free_mem_region() and devm_memremap_pages() to add ZONE_DEVICE memory, if requested free mem region's end pfn were huge(e.g., 0x400000000), the...
7.2AI Score
0.0004EPSS
Oracle Linux 9 : thunderbird (ELSA-2024-4002)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4002 advisory. [115.12.1-1.0.1] - Add Oracle prefs [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0...
6.9AI Score
0.0004EPSS
RHEL 9 : thunderbird (RHSA-2024:4015)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4015 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...
7.7AI Score
0.0004EPSS
RHEL 9 : thunderbird (RHSA-2024:4004)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4004 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...
7.7AI Score
0.0004EPSS
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): thunderbird: Use-after-free in networking (CVE-2024-5702) thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) thunderbird: External...
7.9AI Score
0.0004EPSS
AlmaLinux 9 : thunderbird (ALSA-2024:4002)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4002 advisory. * thunderbird: Use-after-free in networking (CVE-2024-5702) * thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) * thunderbird:...
7.7AI Score
0.0004EPSS
RHEL 8 : thunderbird (RHSA-2024:4001)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...
7.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array member is empty, so...
7AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2024:2101-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2101-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
7.1AI Score
0.0004EPSS
SUSE SLES15 Security Update : libarchive (SUSE-SU-2024:2082-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2082-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...
7.3CVSS
7.2AI Score
0.003EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the URB; that works just...
6.9AI Score
0.0004EPSS
SUSE SLES15 Security Update : podman (SUSE-SU-2024:2090-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2090-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...
8.3CVSS
8.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format...
6.9AI Score
0.0004EPSS
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will....
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: boundary check before installing cq callbacks Add a boundary check inside mana_ib_install_cq_cb to prevent index...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->task =...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
6.6AI Score
0.0004EPSS
Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models
Posted by Sergei Glazunov and Mark Brand, Google Project Zero Introduction At Project Zero, we constantly seek to expand the scope and effectiveness of our vulnerability research. Though much of our work still relies on traditional methods like manual source code audits and reverse engineering,...
7.9AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2077-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2077-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed heap...
7.8CVSS
8AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:2096-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:2096-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_21 fixes one issue. The following security issue was fixed: - CVE-2024-26852: Fixed use-after-free...
6.9AI Score
0.0004EPSS
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): thunderbird: Use-after-free in networking (CVE-2024-5702) thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) thunderbird: External...
7.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in...
7.1AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2092-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2092-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
7CVSS
7.7AI Score
EPSS
7AI Score
0.0004EPSS
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...
7.3CVSS
0.0004EPSS
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...
7.3CVSS
6.5AI Score
0.0004EPSS
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...
7.3CVSS
7AI Score
0.0004EPSS
CVE-2024-38355 Unhandled 'error' event in socket.io
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...
7.3CVSS
0.0004EPSS
Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, >, or =, as each would then be interpreted as starting a separate attribute. If an...
6.1CVSS
6.4AI Score
0.001EPSS
Issue Overview: An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user. (CVE-2024-23280) The issue was addressed with...
6.3AI Score
0.0005EPSS
Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, >, or =, as each would then be interpreted as starting a separate attribute. If an...
6.1CVSS
6.4AI Score
0.001EPSS
Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...
9.8CVSS
9.5AI Score
0.939EPSS
Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. Vulnerability Details **...
7.5CVSS
6.9AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] BPF_R0 =...
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] BPF_R0 =...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] BPF_R0 =...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array member is empty, so the....
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit...
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue.....
0.0004EPSS