1712 matches found
CVE-2024-3154
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...
CVE-2024-3154 Cri-o: arbitrary command injection via pod annotation
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...
CVE-2024-3154
CVE-2024-3154 affects cri-o. A flaw lets an arbitrary systemd property be injected via pod annotations, enabling an attacker who can create a pod with a crafted annotation to perform an arbitrary action on the host. The record does not specify exact vulnerable versions or a fixed patch version. P...
Quarkus: authorization flaw in quarkus resteasy reactive and classic
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...
CVE-2023-5675
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...
CVE-2024-26862
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing. ignore_outgoing is read locklessly from dev_queue_xmit_nit and packet_getsockopt. Add appropriate READ_ONCE/WRITE_ONCE annotations. syzbot reported: BUG: KCSAN: data-race in dev_queue_xmit_n...
Apache Zeppelin Security Vulnerability
Apache Zeppelin is a web-based open source notebook application from the Apache Software Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from a full bypass vulnerability that can be exploited by an attacker to bypass authentication by...
Foxit PDF Reader Information Disclosure Vulnerability (CNVD-2024-20600)
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. Foxit PDF Reader has an information disclosure vulnerability that originates from a use-after-free issue in the Annotation module, which can be exploited by an attacker to obtain sensitive information...
JFreeChart Security Vulnerability
JFreeChart is a comprehensive free charting library for the Java platform from the individual developer David Gilbert. A security vulnerability exists in JFreeChart v1.5.4, which stems from a null pointer exception contained in the component /chart/annotations/CategoryLineAnnotation...
Foxit PDF Reader AcroForm Annotation Type Confusion Code Execution Vulnerability
Foxit PDF Reader is a PDF document reader and printer with fast startup speed and rich features. A type confusion vulnerability exists in the Foxit PDF Reader AcroForm Annotation, which can be exploited by an attacker to submit a special request for a file, tricking the user into parsing it,...
CVE-2024-30329
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-30329 Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-30329
CVE-2024-30329 concerns Foxit PDF Reader/Viewer: an Annotation Use-After-Free vulnerability in the handling of Annotation objects. The flaw arises from not validating object existence before performing operations, enabling an information disclosure exposure on affected installations. The descript...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.11 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Foxit PDF Reader Security Vulnerability
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. Foxit PDF Reader has an information disclosure vulnerability that originates from a use-after-free issue in the Annotation module, which can be exploited by an attacker to obtain sensitive information...
CVE-2024-30357
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...