PT-2024-40919 · Cosmwasm · Cosmwasm

Name of the Vulnerable Software and Affected Versions: CosmWasm affected versions not specified Description: A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract, leading to high memory usage, slowdowns, potentially a crash, and can...

SUSE-SU-2024:2977-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 Other fixes: - Fixed qemu build compilation with binutils...

openSUSE Security Advisory (SUSE-SU-2024:1498-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-4b0d95b102)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: pypy-7.3.16-2.fc40

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

Fedora: Security Advisory (FEDORA-2024-c5152808e4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to arbitrary code execution during compilation due to traverse ( CVE-2023-45133 )

Summary Package traverse is used by IBM Cloud Pak for Data. CVE-2023-45133. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the path.evaluateor path.evaluateTruthy. By using a specially crafted...

SUSE-SU-2024:2266-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 bsc1224051: - CVE-2024-4317: Fixed visibility restriction of pgstatsext and pgstatsextexprs entries to the table owner bsc1224038. Bug fixes: - Fix incompatibility with LLVM 18. - Prepare for PostgreSQL 17...

Exploit for Race Condition in Openbsd Openssh

Vulnerability Description CVE-2024-6387: A vulnerability in...

CLSA-2024-1718788150 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u412-b08. That fixes following CVEs: - CVE-2024-21011: Long Exception message leading to crash - CVE-2024-21085: Pack200 excessive memory allocation - CVE-2024-21068: Integer overflow in C1 compiler address generation - CVE-2024-21094: C2...

SUSE-SU-2024:1499-2 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

SUSE-SU-2024:1498-2 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

Oracle Linux 9 : ruby (ELSA-2024-3838)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3838 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVE-2024-36405

Removed by vendor...

Exploit for Improper Initialization in Linux Linux_Kernel

!Dirty Pipehttps://miro.medium.com/v2/resize:fit:1400/1G1ov2...

Google Chromium JIT Compilation Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JIT compilation. T...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE202424919 Vulnerability Scanner This Java tool scans a l...

SUSE-SU-2024:1859-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 25 bsc1223470: - CVE-2023-38264: Fixed Object Request Broker ORB denial of service bsc1224164. - CVE-2024-21094: Fixed C2 compilation fails with 'Exceeded noderegs array' bsc1222986. -...

SUSE-SU-2024:1845-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 25 bsc1223470: - CVE-2023-38264: Fixed Object Request Broker ORB denial of service bsc1224164. - CVE-2024-21094: Fixed C2 compilation fails with 'Exceeded noderegs array' bsc1222986. -...

xorg-x11-server security update

1.20.14-23 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 - Add util-linux as a dependency of Xvfb - Fix compilation error on i686...