9 matches found
CVE-2024-11003
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library Modules::ScanDeps which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps...
CVE-2024-50292
In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32spdifrxremove In case of error when requesting ctrlchan DMA channel, ctrlchan is not null. So the release of the dma channel leads to the following issue: 4.879000...
CVE-2024-47533
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...
CVE-2024-32841
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-43530
creationtimestamp| type| source ---|---|--- 2024-11-12 18:26:35+00:00| seen| https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review 2024-11-12 18:40:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113471445573585064...
CVE-2024-50096
In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migratetoram upon copy error The nouveaudmemcopyone function ensures that the copy push command is sent to the device firmware but does not track whether it was executed successfully. In the cas...
CVE-2024-50046
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...
CVE-2024-49976
In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Drop interfacelock in stopkthread stopkthread is the offline callback for "trace/osnoise:online", since commit 5bfbcd1ee57b "tracing/timerlat: Add interfacelock around clearing of kthread in stopkthread", the...
PT-2024-8590
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 November Security Update Ivanti Endpoint Manager versions prior to 2022 SU6 November Security Update Description The issue is related to SQL injection in Ivanti Endpoint Manager, which allows a...