27 matches found
CVE-2024-32664
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use...
CVE-2023-50375 WordPress Translate WordPress – Google Language Translator plugin <= 6.0.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in edo888 Google Language Translator google-language-translator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Google Language Translator: from n/a through <= 6.0.19...
PT-2024-13930 · Google · Google Language Translator
Name of the Vulnerable Software and Affected Versions: Google Language Translator versions 6.0.19 and earlier Description: The issue is related to a Missing Authorization vulnerability in Translate AI Multilingual Solutions Google Language Translator, which allows exploiting incorrectly configure...
MongoDB Buffer Over-Read Vulnerability (SERVER-96419) - Windows
MongoDB is prone to a buffer over-read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
BIT-VALKEY-2023-28856 `HINCRBYFLOAT` can be used to crash a redis-server process
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
DEBIAN-CVE-2024-32867
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19...
CVE-2024-32664
CVE-2024-32664 affects Suricata before 7.0.5 and 6.0.19, where specially crafted traffic or datasets can cause a limited buffer overflow. The vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include avoiding rules with the base64_decode keyword (bytes option 1, 2, or 5) and, for 7.0.x, set...
Suricata Security Vulnerability
Suricata is a suite of network Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and network security monitoring engines developed by the Open Information Security Foundation (OISF) and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...
PT-2024-24922
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.5 Suricata versions prior to 6.0.19 Description: Suricata is a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. Various problems in handling fragmentation...
PT-2024-6030 · Suricata +1 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.5 Suricata versions prior to 6.0.19 Description: The issue is related to a limited buffer overflow in Suricata, a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2122-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2122-1 advisory. - Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCA...
CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
PT-2023-3517
Name of the Vulnerable Software and Affected Versions: Redis versions prior to 6.0.19 Redis versions prior to 6.2.12 Redis versions prior to 7.0.11 Description: The issue is related to insufficient input validation in the Redis database management system. Exploitation of this issue can allow a...
GSD-2023-1000417 virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...
GSD-2023-1000416 vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove
vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...
GSD-2023-1000403 netfilter: ipset: Rework long task execution when adding/deleting entries
netfilter: ipset: Rework long task execution when adding/deleting entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...
GSD-2023-1000398 qed: allow sleep in qed_mcp_trace_dump()
qed: allow sleep in qed_mcp_trace_dump() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit e0387f4f39a8d92302273ac356d1f6b2a38160d8, ...
GSD-2023-1000379 drm/amdkfd: Fix double release compute pasid
drm/amdkfd: Fix double release compute pasid This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...
PT-2023-33478 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: The issue concerns an integer overflow in the rndis query check within the rndis host of the Linux Kernel's USB implementation. This could potentially lead to security vulnerabilities,...
PT-2023-33465 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: The issue is related to the drm/i915/gvt component in the Linux Kernel. It was introduced in version v4.16 and fixed in version v6.0.19. The actual impact and attack plausibility have not ye...