16 matches found
EUVD-2024-51874
Malicious code in bioql PyPI...
CVE-2019-11549
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of drm_err instead of dev_err for the HPD path, which could lead to null pointer dereferencing...
CVE-2024-46751
CVE-2024-46751 affects the Linux kernel's BTRFS path btrfs_lookup_extent_info(), where a 0 reference count could trigger a BUG_ON(). The fix replaces BUG_ON() with returning -EUCLEAN, aborting the transaction, and logging an error. This is documented in Debian/Ubuntu advisories and included in pa...
shim: Out-of-bounds read printing error messages
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
CVE-2023-52267
ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...
Moderate: Red Hat Security Advisory: convert2rhel security, bug fix, and enhancement update
An update for convert2rhel is now available for Convert2RHEL for RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: convert2rhel security, bug fix, and enhancement update
An update for convert2rhel is now available for Convert2RHEL for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2020-35501
A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can unexpectedly not be correctly logged by the audit subsystem...
SUSE-SU-2021:3619-1 Security update for libvirt
This update for libvirt fixes the following issues: - lxc: controller: Fix container launch on cgroup v1. bsc1183247 - supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active. - qemu: Do not report error in the logs when processing monitor IO...
OPENSUSE-SU-2021:3619-1 Security update for libvirt
This update for libvirt fixes the following issues: - lxc: controller: Fix container launch on cgroup v1. bsc1183247 - supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active. - qemu: Do not report error in the logs when processing monitor IO...
httpd: mod_http2 concurrent pool usage
A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability...
Cisco IOS XE HTTP Server Denial of Service Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the HTTP server code of Cisco IOS XE. The vulnerability stems from a logic error in the logging mechanism. An attacker could exploit this vulnerability to cause the...
CVE-2018-19863
An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged locally on the user's machine. This data could include usernames and passwords that a user manually...
UPM Failing for account with error "The specified account does not exist."
Users not receiving a UPM profile when logging into application. When logging in UPM fails, within the UPM logs we only see the following logged :- 2016-08-25;14:11:45.659;INFORMATION;EXTRANET;x9027690;3;15276;CADUser::Init: Determined user and DNS domain name: ,...
zkfingerd SysLog 0.9.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6402/info zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog' function to log error messages. It is possible to corrupt memory by passing format strings through the...