DEBIAN-CVE-2021-47433

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an abort logic error in btrfsreplacefileextents...

PT-2024-26273 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.113 Description: The issue is related to Cross Site Scripting XSS and can be exploited via the sys data replace.php file. Recommendations: For DedeCMS version 5.7.113, at the moment, there is no information about a newer...

CVE-2024-4810

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. This CVE has been replaced by CVE-2024-36015...

SUSE CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

DEBIAN-CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-26944 btrfs: zoned: fix use-after-free in do_zone_finish()

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-29958

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption...

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2024-1559)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the...

PT-2024-24361 · Kohya Ss · Kohya Ss

Name of the Vulnerable Software and Affected Versions: Kohya ss versions prior to 23.1.5 Description: Kohya ss is a GUI for Kohya's Stable Diffusion trainers. It is vulnerable to a path injection in the common gui.py find and replace function. Recommendations: For versions prior to 23.1.5, update...

SUSE CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

A vulnerability was found in the Linux kernel's btrfs filesystem related to the dev-replace feature. The issue stems from inadequate validation of device names. This flaw could allow an attacker unauthorized access or manipulation of devices, impacting the system's security. Mitigation Mitigation...

DEBIAN-CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

UBUNTU-CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791 btrfs: dev-replace: properly validate device names

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

CVE-2024-26791 — Linux kernel: btrfs dev-replace: properly validate device names. A syzbot report indicated device name buffers passed to device replace could read beyond end (getname_kernel) due to insufficient termination checks. The fix adds a helper that validates both source and target devic...

CVE-2024-3274 D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosure

UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation...

PT-2024-6465 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814...