677 matches found
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and...
CVE-2023-52793
CVE-2023-52793 is rejected by its CVE Numbering Authority and does not represent an active vulnerability entry.
CVE-2023-52793
Removed by vendor...
PT-2024-14751 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A fix has been applied to the Linux kernel to resolve an array out-of-bound access issue in the syscall_tp_user component of the bpf samples. Recommendations: At the moment, there is n...
UBUNTU-CVE-2024-35925
In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum(). The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux Verification Center...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the expression dst->nr_samples + src->nr_samples may have a value of zero upon overflow...
DEBIAN-CVE-2023-50007
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the libavutil/samplefmt.c:260:9 component...
UBUNTU-CVE-2023-50007
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the libavutil/samplefmt.c:260:9 component...
Change Healthcare Faces Another Ransomware Threat—and It Looks Credible
Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data...
DEBIAN-CVE-2024-30916
An issue was discovered in eProsima FastDDS v.2.14.0 and before that allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in the DurabilityService QoS component...
CVE-2024-30915
An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66 that allows a local attacker to cause a denial of service and obtain sensitive information via the max_samples parameter within the DataReaderQoS component...
The vulnerability of the `flush_ref_samples()` function in the file `/gpac/src/isomedia/movie_fragments.c` of the multimedia platform GPAC allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the `flush_ref_samples()` function in the file `/gpac/src/isomedia/movie_fragments.c` of the multimedia platform GPAC is related to the incorrect use of dynamic memory during program execution. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
OESA-2024-1217 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, Academy Software Foundati...
CVE-2024-24148
creationtimestamp | type | source
---|---|---
2024-02-28 21:26:56+00:00 | seen | https://t.me/ctinow/195878
2024-02-28 21:27:06+00:00 | seen | https://t.me/ctinow/195888
...
CVE-2024-24564
creationtimestamp | type | source
---|---|---
2024-02-26 18:36:30+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-4hwq-4cpm-8vmx
2024-02-26 21:26:20+00:00 | seen | https://t.me/ctinow/193769
2024-02-26 21:31:45+00:00 | seen | https://t.me/ctinow/193776
...
CVE-2024-1590
creationtimestamp | type | source
---|---|---
2024-02-23 11:26:24+00:00 | seen | https://t.me/ctinow/191652
2024-02-23 11:26:27+00:00 | seen | https://t.me/ctinow/191655
2024-03-13 16:41:41+00:00 | seen | https://t.me/ctinow/206873
...
CVE-2024-26578
creationtimestamp | type | source
---|---|---
2024-02-22 11:26:55+00:00 | seen | https://t.me/ctinow/190634
2024-02-22 11:27:02+00:00 | seen | https://t.me/ctinow/190640
...
CVE-2023-52427
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. NOTE: the vendor's position is that the product is not designed to handle a max_samples value that is too large for the amount of memory on the system...