xmlrpc-c security update

An update is available for xmlrpc-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XML-RPC is a remote procedure call RPC protocol that uses XML to encode its...

CVE-2024-50154

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

Moderate: Red Hat Security Advisory: xmlrpc-c security update

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Moderate: xmlrpc-c security update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

ALSA-2024:8859 Moderate: xmlrpc-c security update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system allows a hacker to gain unauthorized access for reading, creating, modifying, and deleting data, or to cause service failures.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access for reading, creating, modifying, and deleting data, or to caus...

Vulnerability of the Server: Thread Pooling component of the Oracle MySQL Server database management system. This allows attackers to cause service interruptions.

The vulnerability of the Server: Thread Pooling component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the network MySQL protocol...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the network MySQL protocol...

Vulnerability of the Server component: The Information Schema of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

Vulnerability of the Server component: The information schema of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to cause service interruptions using the MySQL network protocol...

Vulnerability of the Server: X Plugin component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Oracle MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain access to read, modify, or delete data.

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities related to MySQL Cluster are associated with insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data using the MySQL...

The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure

The vulnerability of the InnoDB component in the MySQL Database Management System is related to errors in the authentication process due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

Vulnerability of the MySQL Server component: The Telemetry feature of the MySQL Server management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component relates to insufficient protection of operational data due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network...

PT-2024-9127 · Cisco · Cisco Firepower Services +2

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Cisco FirePOWER Services affected versions not specified Description: A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine could allo...

UBUNTU-CVE-2024-50038

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...

PT-2024-31529 · Helmholz +1 · Rex100 +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. This issue allows a remote attacker to r...

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

PT-2024-7080 · D Link · Dcs-960L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-960L version 1.09 Description: A stack overflow vulnerability exists in the sub 402280 function of the HNAP service, allowing an attacker to execute arbitrary code. This issue can be exploited by a remote attacker. Recommendations:...

USN-7021-4 linux-azure-fde-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...