1683 matches found

CNNVD
added 2024/12/27 12:0 a.m. · 20 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition when concurrently stopping garbage collection in the f2fs file system...

CVSS 7.8 · AI score 6.5 · EPSS 0.00217
Exploits 0 · References 4

OSV
added 2024/12/19 12:15 a.m. · 1 view

DEBIAN-CVE-2024-55603

Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has been exceeded. Kanboard implements a custom session handler app/Core/Session/SessionHandler.php, to store the session data in a database...

CVSS 6.5 · AI score 5.4 · EPSS 0.00483
Exploits 1 · References 1

Positive Technologies
added 2024/12/18 12:0 a.m. · 2 views

PT-2024-36564 · Kanboard +1

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.43. Description: Kanboard is project management software that focuses on the Kanban methodology. In affected versions, sessions are still usable even though their lifetime has been exceeded. Kanboard implements a cust...

CVSS 6.5 · AI score 7.4 · EPSS 0.00483
Exploits 1 · References 17

SUSE CVE
added 2024/11/29 3:55 a.m. · 2 views

SUSE CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...

CVSS 3.3 · AI score 7 · EPSS 0.00256
Exploits 0 · References 3

OSV
added 2024/11/27 12:15 p.m. · 1 view

DEBIAN-CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...

CVSS 3.3 · AI score 4.6 · EPSS 0.00256
Exploits 0 · References 1

AlpineLinux
added 2024/11/27 12:15 p.m. · 2 views

CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...

CVSS 3.3 · AI score 7.2 · EPSS 0.00256
Exploits 0 · References 2

OSV
added 2024/11/27 12:15 p.m. · 0 views

UBUNTU-CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...

CVSS 3.3 · AI score 5.8 · EPSS 0.00256
Exploits 0 · References 3

AstraLinux
added 2024/11/23 3:4 a.m. · 4 views

Astra Linux – Vulnerability in Firefox

Incorrect garbage collection interactions in IndexedDB could lead to a use-after-free vulnerability. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

CVSS 9.8 · AI score 7.7 · EPSS 0.00487
Exploits 0 · References 3

AstraLinux
added 2024/11/23 3:4 a.m. · 1 view

Astra Linux – Vulnerability in Firefox

Incorrect garbage collection interactions could lead to a use-after-free vulnerability. This vulnerability affects Firefox versions earlier than 129...

CVSS 9.8 · AI score 7.7 · EPSS 0.0036
Exploits 0 · References 3

RedHat Linux
added 2024/11/12 9:11 a.m. · 1 view

kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

CVSS 7 · AI score 6.8 · EPSS 0.00204
Exploits 0 · References 5

RedHat Linux
added 2024/11/05 1:22 a.m. · 2 views

kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

CVSS 7 · AI score 6.8 · EPSS 0.00204
Exploits 0 · References 5

RedHat Linux
added 2024/11/05 12:54 a.m. · 2 views

kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

CVSS 7 · AI score 6.8 · EPSS 0.00204
Exploits 0 · References 5

Positive Technologies
added 2024/11/05 12:0 a.m. · 4 views

PT-2024-35665

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version. Description: A race condition exists in the Linux kernel's f2fs file system, specifically in the f2fs stop gc thread function. This issue arises when concurrent calls are made to shut down the f2...

CVSS 7.8 · AI score 5.5 · EPSS 0.00217
Exploits 0

RedHat Linux
added 2024/11/04 8:56 p.m. · 2 views

apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients

A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory...

CVSS 7.5 · AI score 5.7 · EPSS 0.01197
Exploits 0 · References 7

RedHat Linux
added 2024/11/04 8:13 p.m. · 5 views

apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients

A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory...

CVSS 7.5 · AI score 5.7 · EPSS 0.01197
Exploits 0 · References 7

NVD
added 2024/10/24 5:15 p.m. · 10 views

CVE-2024-10335

A vulnerability was found in SourceCodester Garbage Collection Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. T...

CVSS 9.8 · EPSS 0.00709
Exploits 1 · References 5

Vulnrichment
added 2024/10/24 4:31 p.m. · 10 views

CVE-2024-10335 SourceCodester Garbage Collection Management System login.php sql injection

A vulnerability was found in SourceCodester Garbage Collection Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. T...

CVSS 7.5 · AI score 9.7 · EPSS 0.00709
Exploits 1 · References 5

CVE
added 2024/10/24 4:31 p.m. · 43 views

CVE-2024-10335

CVE-2024-10335 affects SourceCodester Garbage Collection Management System 1.0. The vulnerability resides in the login.php code, where manipulation of the username and potentially password parameters leads to an SQL injection. Exploitation is described as remote, with public disclosure of the exp...

CVSS 9.8 · AI score 7.7 · EPSS 0.00709
Exploits 1 · References 5 · Affected Software 1

Cvelist
added 2024/10/24 4:31 p.m. · 16 views

CVE-2024-10335 SourceCodester Garbage Collection Management System login.php sql injection

A vulnerability was found in SourceCodester Garbage Collection Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. T...

CVSS 7.5 · EPSS 0.00709
Exploits 1 · References 5

CNNVD
added 2024/10/24 12:0 a.m. · 2 views

SourceCodester Garbage Collection Management System SQL injection vulnerability

SourceCodester Garbage Collection Management System is a SourceCodester open source garbage collection management system. A SQL injection vulnerability exists in SourceCodester Garbage Collection Management System version 1.0, which is caused by improper handling of username/password parameters i...

CVSS 9.8 · AI score 7.9 · EPSS 0.00709
Exploits 1 · References 5