AZL-51252 CVE-2024-50045 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in brnfdevqueuexmit. It is...

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems allows a hacker to bypass the UEFI Secure Boot security mechanism.

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to bypass the UEFI Secure Boot security mechanism...

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems allows a hacker to bypass the UEFI Secure Boot security mechanism.

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems is related to the use of an unreliable pointer. Exploiting this vulnerability could allow an attacker to bypass the UEFI Secure Boot security mechanism...

[SECURITY] Fedora 40 Update: perl-App-cpanminus-1.7047-4.fc40

Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM...

[SECURITY] Fedora 39 Update: perl-App-cpanminus-1.7047-2.fc39

Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM...

SSOReady 数据伪造问题漏洞

SSOReady is an open source development tool for enterprise SSO from SSOReady Open Source. A data forgery vulnerability exists in SSOReady, which stems from the vulnerability of the affected version to XML signature bypass attacks...

CVE-2024-37982

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...

CVE-2024-37983

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...

CVE-2024-37983 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

...

CVE-2024-37982 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

...

CVE-2024-37982

Technical details about CVE-2024-37982 are not provided in the connected documents. No specifics on affected components, root cause, or fixes are available here. Monitor official advisories/updates for authoritative guidance.

Important: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.3.0 release

Red Hat Developer Hub 1.3.0 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

AZL-49713 CVE-2024-38796 affecting package hvloader for versions less than 1.0.1-13

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

Apache HertzBeat 代码问题漏洞

Apache HertzBeat is a tool from the American company Apache Apache that can monitor various components. A deserialization vulnerability exists in Apache HertzBeat versions prior to 1.6.0, which stems from the insecure deserialization of serialized data received from users by the SnakeYAML library...

rexml: DoS vulnerability in REXML

An uncontrolled resource consumption vulnerability was found in REXML. When parsing an untrusted XML with many specific characters such as , it can lead to a denial of service...

Guardrails 安全漏洞

Guardrails is a Python framework open-sourced by Guardrails AI. A security vulnerability exists in Guardrails versions 0.2.9 through 0.5.0 and earlier, which stems from its improper validation of an XML file, such that if a victim loads an XML file containing malicious Python code, the code will ...

rexml: DoS vulnerability in REXML

A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file...

[SECURITY] Fedora 41 Update: ruby-3.3.5-14.fc41

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...