Privileged escalation via crafted use of portcfg command

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extensio...

PT-2024-10205

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an off-by-one error in the connector status of the glink component in the Linux kernel's USB-C connector status. The UCSI connector's indices start from 1 up to 3...

UBUNTU-CVE-2024-50238

In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 "phy: qcom-qmp-usb: clean up probe initialisation" removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also...

CVE-2024-50224 spi: spi-fsl-dspi: Fix crash when not using GPIO chip select

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spigetcsgpiod to avoid passing a NULL pointer to gpioddirectionoutput, preventing a crash when GPIO chip select is not used. Fix below...

serial: protect uart_port_dtr_rts() in uart_shutdown() too

...

spi: nxp-fspi: fix the KASAN report out-of-bounds bug

...

USB: usbtmc: prevent kernel-usb-infoleak

...

openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0357-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0357-1 advisory. Chromium 130.0.6723.116 boo1232843 - CVE-2024-10826: Use after free in Family Experiences - CVE-2024-10827: Use after free in Serial Tenable has...

CVE-2024-50044

...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

CVE-2019-20462

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi acce...

USN-7095-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

USN-7089-3: Linux kernel vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

Chromium: CVE-2024-10827 Use after free in Serial

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2019-20462

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi acce...

PT-2024-10738 · Alecto · Alecto Ivm-100

Name of the Vulnerable Software and Affected Versions: Alecto IVM-100 version 2019-11-12 Description: An issue was discovered where a large amount of information is disclosed when attaching to the serial interface at the board level and rebooting the device. This includes the view password and th...

Alecto IVM-100 安全漏洞

The Alecto IVM-100 is a baby monitor with camera from Alecto. A security vulnerability exists in the Alecto IVM-100 version 2019-11-12, which stems from the fact that the device comes with a board-level serial interface, and by connecting to this serial interface and rebooting the device, a large...

KLA76357 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Family Experiences can be exploited to cause denial of...

VulnCheck KEV: CVE-2024-53104

Linux kernel contains an out-of-bounds write vulnerability in the uvcparsestreaming component of the USB Video Class UVC driver that could allow for physical escalation of privilege...