CLSA-2024-1725187614 kernel: Fix of 11 CVEs

drm/vmwgfx: Fix invalid reads in fence signaled events CVE-2024-36960 - afunix: Fix garbage collector racing against connect CVE-2024-26923 - ipv6: remove maxsize check inline with ipv4 CVE-2023-52340 - aoe: fix the potential use-after-free problem in aoecmdcfgpkts CVE-2023-6270 - smb: client:...

CVE-2024-20396

A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...

CVE-2024-36527

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server...

PT-2024-27048 · Unknown · Puppeteer-Renderer

Name of the Vulnerable Software and Affected Versions: puppeteer-renderer versions 3.2.0 and earlier Description: The issue allows attackers to exploit the URL parameter using the file protocol to read sensitive information from the server. This is achieved through a Directory Traversal attack...

Puppeteer Security Vulnerabilities

Puppeteer is a web page renderer by the individual developer Yeongjin Lee. A security vulnerability exists in puppeteer-renderer v.3.2.0 and earlier versions that could allow an attacker to read sensitive information from the server using the URL parameter of the file protocol...

CVE-2024-36527

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server...

Netatalk Security Vulnerabilities

Netatalk is open source software that provides AFP file server functionality for Classic Mac OS and macOS on Unix-like OS. A security vulnerability exists in Netatalk version 3.2.0, which originates from a heap-based buffer overflow due to the setting of afpmapname FPMapName ibuflen to 0 in...

LoLLMs Security Vulnerabilities

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs that stems from the installmodel function in lollmscore/lollms/binding.py that does not properly clean up the file protocol and other inputs, resulting...

CVE-2024-0440

Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...

CVE-2024-0440

Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...

CVE-2024-0440

CVE-2024-0440 describes an SSRF-type flaw where an attacker with permission to submit a link or submit via POST a link using the file:// protocol can introspect host files and other relatively stored files. Affected exposure is described across multiple feeds; CVSS data vary by source (NVD: 3.1, ...

CVE-2024-0440 SSRF - file:// unsanitized access to underlying host files

Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...

PT-2024-15564 · Git +2 · Anything-Llm +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows an attacker, with permission to submit a link or submitting a link via POST to be collected that is using the file:// protocol, to introspect host files and other relative...

CVE-2023-5785

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/firewall/addaddressinterpret.php. The manipulation of the argument messagecontent leads to sql injection. The exploit has been...

SUSE CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

git: exposure of sensitive information to a malicious actor

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone where the source and target of the clone...

SUSE CVE-2006-1942

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into...

SUSE CVE-2006-2563

The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...

SUSE CVE-2007-3285

Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a 1 file:/// or 2 resource: URI with a dangerous extension, followed by a NULL byte %00 and a safer extension, which causes Firefox to treat the requested file...

SUSE CVE-2007-4850

curl/interface.c in the cURL library aka libcurl in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safemode and openbasedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...