USN-6724-1 linux, linux-aws, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-starfive, linux-starfive-6.5 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

Windows File Server Resource Management Service Elevation of Privilege Vulnerability

...

PT-2024-3312 · Microsoft · Windows File Server Resource Management Service +1

Name of the Vulnerable Software and Affected Versions: Windows File Server Resource Management Service affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows File Server Resource Management Service. It is caused by incorrect...

PT-2024-26764

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37 Description The issue is related to a potential use-after-free bug in the Linux kernel's SMB client when walking DFS referrals, mounting, and performing DFS failover. This is resolved by ensuring all...

CVE-2024-1227 Multiple vulnerabilities in Rejetto's Http File Server

An open redirect vulnerability, the exploitation of which could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site...

CVE-2024-1227 Multiple vulnerabilities in Rejetto's Http File Server

An open redirect vulnerability, the exploitation of which could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site...

CVE-2024-1226 Multiple vulnerabilities in Rejetto's Http File Server

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...

CVE-2024-1226 Multiple vulnerabilities in Rejetto's Http File Server

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...

Rejetto Http File Server Input Validation Error Vulnerability

HTTP File Server is a simple tool that allows you to access your phone's files from your desktop, tablet or other device without any special software - just a web browser. An input validation error vulnerability exists in Rejetto Http File Server version 2.2a, which stems from the presence of an...

PT-2024-17521 · Rejetto · Http File Server

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an open redirect vulnerability. This could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site. The...

Rejetto Http File Server Injection Vulnerability

HTTP File Server is a simple tool that allows you to access your phone's files from your desktop, tablet or other device without any special software - just a web browser. An injection vulnerability exists in Rejetto Http File Server version 2.2a, which stems from the fact that under certain...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

Design/Logic Flaw

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

Cute Http File Server Security Vulnerability

Cute Http File Server is a free, HTTP protocol file sharing server for iscute individual developers. A security vulnerability exists in Cute Http File Server version v.3.1, which originates from a vulnerability that could allow a remote attacker to escalate privileges via a password authenticatio...

CVE-2024-26566

CVE-2024-26566 affects Cute Http File Server v3.1. The issue allows a remote attacker to escalate privileges via the password verification component, with a network attack vector, no user interaction, and high impact (Integrity). Affected software is Cute Http File Server v3.1 (no other versions ...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

PT-2024-21424 · Unknown · Cute Http File Server

Name of the Vulnerable Software and Affected Versions: Cute Http File Server version 3.1 Description: The issue allows a remote attacker to escalate privileges via the password verification component. Recommendations: For Cute Http File Server version 3.1, consider disabling the password...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

SUSE CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master's filesystem...