CVE-2021-47025

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtkiommuruntimeresume always enable the clk, even if m4udom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning: 1.586104...

CVE-2021-46976

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...

CVE-2021-47025 iommu/mediatek: Always enable the clk on resume

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtkiommuruntimeresume always enable the clk, even if m4udom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning: 1.586104...

CVE-2021-46976 drm/i915: Fix crash in auto_retire

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...

cloud.piranha.extension:piranha-extension-hazelcast (>=21.11.0 <=22.2.0), cn.vertxup:infix-mysql (=0.8.1) +124 more potentially affected by CVE-2023-45859 via com.hazelcast:hazelcast (>=5.0 <=5.0.5)

com.hazelcast:hazelcast MAVEN version =5.0, =21.11.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.8.1 and more Source cves: CVE-2023-45859 Source advisory: OSV:GHSA-XH6M-7CR7-XX66...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: ARM: 9063/1: mm: reduce maximum number of CPUs if DEBUGKMAPLOCAL is enabled The debugging code for kmaplocal doubles the number of per-CPU fixmap slots allocated for kmaplocal, in order to use half of them as guard regions. This...

CVE-2023-7033

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module, CC-Link IE TSN...

Denial of service

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN...

CVE-2023-7033

CVE-2023-7033 describes an Insufficient Resource Pool vulnerability in the Ethernet function affecting Mitsubishi Electric MELSEC product families (including MELSEC iQ-F/FX5, iQ-R, iQ-L series CPUs and related Ethernet/communication modules, motion modules, inverters, and related CC‑Link IE TSN a...

CVE-2023-7033

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module, CC-Link IE TSN...

CVE-2023-7033

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module, CC-Link IE TSN...

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges, allowing a malicious actor to disable the security modules.

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to temporarily disable the protection modules during product installation or reinstallation scenarios...

PT-2024-1793 · Kaspersky · Kaspersky Endpoint Security For Windows

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security for Windows affected versions not specified Description: The issue is related to insecure privilege management in Kaspersky Endpoint Security for Windows. It may allow a remote attacker to suspend the operation of...

CVE-2023-52435 net: prevent mss overflow in skb_segment()

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

org.apache.camel.quarkus:camel-quarkus-integration-test-jta (>=3.5.0 <=3.36.0), org.apache.camel.quarkus:camel-quarkus-integration-test-langchain4j-tools (>=3.35.0 <=3.36.0) +8 more potentially affected by CVE-2024-22369 via org.apache.camel:camel-sql (>=4.1.0 <=4.3.0)

org.apache.camel:camel-sql MAVEN version =4.1.0, =3.5.0, =3.35.0, =3.5.0, =3.5.0, =3.5.0, =3.5.0, =4.1.0, =9.1.0, =9.1.0, =9.1.0, =10.0.0 Source cves: CVE-2024-22369 Source advisory: OSV:GHSA-36XR-4X2F-CFJ9...

golang: cmd/go: Protocol Fallback when fetching modules

A flaw was found in the Golang package cmd/go. This issue permits the fallback to insecure "git://" if trying to fetch a .git module that has no "https://" or "git+ssh://" available...

Remote Code Execution (RCE)

redaxo/source is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of user-supplied input within the 'Template' functionality with in modules.modules.php, which allows attackers to execute arbitrary code...

GHSA-7F2V-5877-RX3X Code injection in REDAXO

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php...

Code injection

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php...

Yakamara Media Redaxo CMS Security Vulnerability

Yakamara Media Redaxo CMS is Yakamara Media organization of a set of open source Web portal content management system . The system supports custom modules, plugin extensions, project backups and more. A security vulnerability exists in Yakamara Media Redaxo CMS version 5.15.1, which originates fr...