Cisco IOS Software Intermediate System to Intermediate System DoS (cisco-sa-isis-sGjyOUHX)

According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Intermediate System-to-Intermediate System IS-IS protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS...

The vulnerability of the System-to-Intermediate System Protocol Handler component in Cisco IOS XR allows a attacker to trigger a Denial-of-Service Attack (DoS).

The vulnerability of the System-to-Intermediate System Protocol Handler component in Cisco IOS XR software is related to insufficient validation of input packets of the IS-IS protocol. Exploiting this vulnerability can allow a malicious actor to trigger a Denial-of-Service attack...

kernel: i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53088

...

Russia’s Ballistic Missile Attack on Ukraine Is an Alarming First

This is the first time Russia has used its so-called Oreshnik intermediate-range ballistic missile in combat. The launch also serves as a warning to the West...

AZL-53912 CVE-2024-53088 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

AZL-53954 CVE-2024-53088 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

DEBIAN-CVE-2024-53088

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

UBUNTU-CVE-2024-53088

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53088 i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

Nextcloud 访问控制错误漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an Access Control Error vulnerability that stems from the fact that when a file is blocked by access control, users can still copy an...

The vulnerability of software for managing and securing environments on IBM Power Systems, IBM PowerSC, arises from the use of an untrusted interdomain policy file. This allows attackers to perform privileged actions and extract confidential information.

The vulnerability of the IBM PowerSC microprocessor architecture is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows attackers to perform privileged actions and extract confidential information...

CVE-2024-45614 Header normalization allows for client to clobber proxy set headers in Puma

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now...

CVE-2024-45614 Header normalization allows for client to clobber proxy set headers in Puma

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now...

Cisco IOS XR 安全漏洞

Cisco IOS XR is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from insufficient input validation of ingress IS-IS packets...

How to Make the Provisioning Services Server Client Coexist with Third-party Network Drivers

This article describes how to run the Provisioning Server client on a target device along with third-party network applications that also occupy the network device driver stack. Background In the Windows Driver Model WDM, systems manage a device through a linked stack of layered device drivers. T...

When to Enable Intermediate Buffering for Local Hard Drive Cache?

Background Enabling Intermediate Buffering improves throughput performance with writing to the write cache drive and can improve target device performance as well. Refer to Buffered Services for additional information on buffered file I/O services. The following are some points to consider before...

PYSEC-2024-209

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the sqrt builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the buildIR function of the sqrt builtin doesn't cache the argument to...

BIT-GOLANG-2022-1705 Improper sanitization of Transfer-Encoding headers in net/http

Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid...

BIT-DJANGO-2020-24583

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILEUPLOADDIRECTORYPERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...