GHSA-6JGW-RGMM-7CV6 PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the weak reference does itself not have ownership of the value. At any point the last strong reference could be cleared and the borrowed value would become dangling. In PyO3 0.22.4...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net:...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-40909: bpf: Fix a potential use-after-free in bpflinkfree bsc1228349. Patch...

GHSA-27VH-H6MC-Q6G8 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality

Impact The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block or rejecting a...

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

Exploit for Command Injection in Avtech Avm1203_Firmware

EN GenAvTechRCEExploit A PoC exploit for the CVE-2024-7029...

Schneider Electric Data Center Expert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : Data Center Expert Vulnerability : Improper Verification of Cryptographic Signature, Missing Authentication for Critical Function 2. RISK EVALUATION Successful...

PT-2024-6501

Name of the Vulnerable Software and Affected Versions cups versions prior to 2.4.11-alt1 cups-browsed versions prior to 2.0.1-0ubuntu2.1 cups-filters affected versions not specified Description The Common UNIX Printing System CUPS and related components, including cups-browsed and cups-filters, a...

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

Important: kernel-livepatch-5.10.220-209.867

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error CVE-2024-41087 Affected Packages: kernel-livepatch-5.10.220-209.867 Issue Correction: Please ensure you have live patching enabled. Run yum update...

CVE-2024-46982

Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router this does not affect the app router. When this crafted request is sent it could coerce Next....

CVE-2024-46982

CVE-2024-46982 affects Next.js pages router SSR caching: crafted requests can poison non-dynamic SSR routes (e.g., pages/dashboard.tsx) and lead to caching of sensitive responses with Cache-Control: s-maxage=1, stale-while-revalidate, potentially spreading via upstream CDNs. Affected versions are...

RHSA-2016:2994 Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security update

Bulletin has no description...

RHSA-2012:0514 Red Hat Security Advisory: java-1.6.0-ibm security update

Bulletin has no description...

PT-2024-39155 · WordPress · Wpfactory Helper

Name of the Vulnerable Software and Affected Versions: WPFactory Helper plugin for WordPress versions up to, and including, 1.7.0 Description: The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on...

path-to-regexp outputs backtracking regular expressions

Impact A bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period .. For example, /:a-:b. Patches For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0. These versions add backtrack protection...

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10...

CVE-2024-43803

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespace of th...

PT-2024-28557 · Unknown · Listingpro

Name of the Vulnerable Software and Affected Versions: ListingPro versions through 2.9.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows attackers to exploit the system, potentially leading ...

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 CVSS score: 6.6, is case of...