CVE-2024-27863

CVE-2024-27863 is an information-disclosure vulnerability in Apple’s kernel related to insufficient private data redaction in log entries. A local attacker could determine kernel memory layout. Apple has fixed the issue in iOS 17.6, iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, and macOS So...

CVE-2024-42096

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

DEBIAN-CVE-2024-42096

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

CVE-2024-42096

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

UBUNTU-CVE-2024-42096

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

CVE-2024-42096 x86: stop playing stack games in profile_pc()

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

CVE-2024-42096 x86: stop playing stack games in profile_pc()

In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profilepc The 'profilepc' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions based on the stack layout...

PT-2024-22090 · Apple · Macos Sonoma +6

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.6 iPadOS versions prior to 17.6 watchOS versions prior to 10.6 tvOS versions prior to 17.6 visionOS versions prior to 1.3 macOS Sonoma versions prior to 14.6 Description: An information disclosure issue was addressed...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems fro...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from making assumptions in the profilepc function based on the stack layout that may not hold in modern...

PT-2024-37219 · WordPress · Ultimate Classified Listings

Name of the Vulnerable Software and Affected Versions: The Ultimate Classified Listings WordPress plugin versions prior to 1.3 Description: The issue allows unauthenticated users to access PHP files on the server from the listings page due to a lack of validation for the ucl page and layout...

WordPress plugin Ultimate Classified Listings 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

Chromium: CVE-2024-6994 Heap buffer overflow in Layout

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA71043 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in Layout. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause the application to crash...

Google Chrome < 127.0.6533.72 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 127.0.6533.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop23 advisory. - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a...

PT-2024-5274 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.72 Microsoft Edge affected versions not specified Description: The issue is related to a heap buffer overflow in the Layout component, which could allow a remote attacker to exploit heap corruption v...

CVE-2024-41603

Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the URI /admin/layout...

CVE-2024-41603

Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the URI /admin/layout...

CVE-2024-41603

Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the URI /admin/layout...