1614 matches found
CVE-2024-39809 BIG-IP Next Central Manager vulnerability
The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
F5 BIG-IP Next Central Manager security vulnerability
F5 BIG-IP Next Central Manager is a centralized console from F5 USA. A security vulnerability exists in F5 BIG-IP Next Central Manager that stems from the Central Manager user session refresh token not expiring when a user logs off...
PT-2024-28679 · Unknown · Central Manager
Name of the Vulnerable Software and Affected Versions: Central Manager affected versions not specified. Description: The issue concerns the Central Manager user session refresh token, which does not expire when a user logs out. This could potentially allow unauthorized access to user sessions. Not...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an exception in the RCU read section where the cachestat function is refreshing statistics...
SUSE CVE-2022-48843
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
DEBIAN-CVE-2022-48843
In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. So if the driver tries to call drm core set prop function...
Screen Refresh Issues Through a Seamless Pass-Through Session
The screen might not repaint properly because of a poor refresh rate. Therefore, certain areas of the application appear grayed out or distorted. This happens when running an application in seamless mode while utilizing the pass-through client on the server. Manually refreshing the application do...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the cachefiles component to remove requests from the xarray when refreshing them, which could...
Red Hat Undertow Security Vulnerability
Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow that stems from a chunked response that hangs after a body refresh, which can lead to uncontrolled resourc...
CBL Mariner 2.0 Security Update: postgresql (CVE-2024-0985)
The version of postgresql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0985 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to...
SUSE CVE-2022-48742
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() While looking at one unrelated syzbot bug, I found the replay logic in __rtnl_newlink() to potentially trigger use-after-free. It is better to clear master_dev and m_ops insi...
CVE-2022-48742
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() While looking at one unrelated syzbot bug, I found the replay logic in __rtnl_newlink() to potentially trigger use-after-free. It is better to clear master_dev and m_ops insi...
kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port(). This seems to be because an event handler is registered before the srpt devic...
The vulnerability of the “nimble refresh” function in the Nimble programming language’s package manager allows attackers to execute a “man-in-the-middle” attack or execute arbitrary code.
The vulnerability of the “nimble refresh” function in the Nimble programming language package manager is related to the lack of checks on the loaded packages due to an error in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a “man-in-the-middle” atta...
GHSA-632P-P495-25M5 Directus is soft-locked by providing a string value to random string util
Describe the Bug Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions...
UBUNTU-CVE-2024-36963
In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...
PT-2024-26913 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.11.2. Description: Directus is a real-time API and App dashboard for managing SQL database content. Providing a non-numeric length value to the random string generation utility will create a memory issue, breaking...
CVE-2024-28736
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary code via the refresh page function...
PT-2024-22549 · Unknown · Debezium Community Debezium-Ui
Name of the Vulnerable Software and Affected Versions: Debezium Community debezium-ui version 2.5. Description: An issue in Debezium Community debezium-ui allows a local attacker to execute arbitrary code via the refresh page function. Recommendations: For Debezium Community debezium-ui version 2....
DEBIAN-CVE-2024-36906
In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: 33.452494 ================================================================== 33.453513 BUG: KASAN: stack-out-of-bounds in...