CVE-2024-45312 Arbitrary language parameter can passed to `aspell` executable via spelling requests in overleaf

Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 or 4.2.7 for the 4.x series contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the aspell executable running on the...

CVE-2024-45312

Summary: CVE-2024-45312 affects Overleaf Community Edition and Server Pro before 5.0.7 (or 4.x before 4.2.7). The issue lets an arbitrary language parameter in client spelling requests reach the server’s aspell process, causing it to load a dictionary file with an arbitrary filename; access is li...

SUSE-SU-2024:3076-1 Security update for python39

This update for python39 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer bsc1227233 Non-security issues fixed: - Fixed executable bits for...

DEBIAN-CVE-2024-0111

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering...

DEBIAN-CVE-2024-0110

NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service...

NVIDIA CUDA toolkit 安全漏洞

The NVIDIA CUDA toolkit is a toolkit from NVIDIA, Inc. It provides a development environment for creating high-performance GPU-accelerated applications. A security vulnerability exists in the NVIDIA CUDA toolkit that originates from a user may cause a crash or produce incorrect output by passing ...

PT-2024-15349 · Nvidia +1 · Nvidia Cuda Toolkit +1

Name of the Vulnerable Software and Affected Versions: NVIDIA CUDA Toolkit affected versions not specified Description: The issue is related to the 'cuobjdump' command in the NVIDIA CUDA Toolkit, which can be exploited by passing a malformed ELF file. This can cause a crash or produce incorrect...

Spring Boot CDS support and Project Leyden anticipation

How can Spring Boot developers improve the runtime efficiency of their applications with minimal constraints in order to enjoy those benefits on most applications? The answer is the CDS support introduced by Spring Boot 3.3 which allows you to start your Spring Boot applications faster and consum...

[SECURITY] Fedora 39 Update: python3.11-3.11.9-5.fc39

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

GO-2022-0410 Local directory executable lookup in sops (Windows-only) in go.mozilla.org/sops

Local directory executable lookup in sops Windows-only in go.mozilla.org/sops...

CVE-2023-22576

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges...

CVE-2023-22576

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges...

CVE-2023-22576

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges...

CVE-2023-22576

Dell Repository Manager (versions 3.4.2 and earlier) is affected by a Local Privilege Escalation in the Installation module, allowing a local low-privilege user to execute arbitrary code with high privileges and potentially disrupt service. Remediation is available: patch to 3.4.3 via Dell securi...

Medical Center Portal 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Medical Center Portal 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits ...

SUSE SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:2974-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2974-1 advisory. Security issue fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 Non-security issues...

SUSE: Security Advisory (SUSE-SU-2024:2974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Online Diagnostic Lab Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Online Diagnostic Lab Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

SUSE-SU-2024:2982-1 Security update for python311

This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer bsc1227233 - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private...

SUSE-SU-2024:2974-1 Security update for python310

This update for python310 fixes the following issues: Security issue fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 Non-security issues fixed: - Improve python reproducible builds bsc1227999 - Make pip and modern tools install directly in /usr/local when...