CVE-2024-39501

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-39501

...

CVE-2024-39501

CVE-2024-39501 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-39501

Removed by vendor...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a data synchronization issue in the interrupt service routine of the dmaengine:xilinx:xdma component...

PT-2024-29194 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a data synchronization problem in the xdma channel isr function. To address this, the vchan lock is requested before using xdma-stop request. There is no information...

Juniper Networks Junos OS Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that arises from an improperly...

The vulnerabilities of the functions cert_store_stats() and get_ca_certs() in the SSL module of the Python programming language interpreter (CPython) allow a malicious individual to gain unauthorized access to protected information.

The vulnerability of the certstorestats and getcacerts functions in the SSL module of the Python programming language interpreter CPython is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

kernel: tipc: fix kernel warning when sending SYN message

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...

The vulnerability of the Orion Login.aspx page of the SolarWinds Platform’s network monitoring and IT infrastructure management software allows a perpetrator to carry out a brute-force attack.

The vulnerability of the Orion Login.aspx page of the SolarWinds IT infrastructure monitoring and management software is related to synchronization errors when using a common resource. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...

UBUNTU-CVE-2024-39486

In the Linux kernel, the following vulnerability has been resolved: drm/drmfile: Fix pid refcounting race , Maxime Ripard , Thomas Zimmermann filp-pid is supposed to be a refcounted pointer; however, before this patch, drmfileupdatepid only increments the refcount of a struct pid after storing a...

CVE-2024-38528

The CVE-2024-38528 vulnerability affects ntpd-rs, a tool implementing NTP/NTS. The issue is a missing limit for accepted NTS-KE connections, allowing an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured (non-NTS-KE configurations are unaffected). The flaw is add...

CVE-2024-38528

nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such ...

PT-2024-7594

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue occurs between the system call to close the sock and hci rx work, where the former releases the sock and the latter accesses it without lock protection. This can lead to a work...

CVE-2024-5755

In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...

CVE-2024-5755

Summary: Lunary-ai/lunary versions ≤ v1.2.11 contain an input validation bypass where a dot in the email address can create multiple accounts that map to the same mailbox, causing synchronization and security concerns. Affected software: lunary-ai/lunary (≤ v1.2.11). Root cause (as described): em...

CVE-2024-5755 Email Validation Bypass in lunary-ai/lunary

In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...

Lunary Security Breach

Lunary is a production toolkit for LLM that is open sourced by lunary. A security vulnerability exists in Lunary v1.2.11 and earlier versions that stems from allowing the creation of multiple accounts with essentially the same email address, leading to incorrect synchronization and potential...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU NBD Server. This vulnerability allows for a Denial-of-Service DoS attack through improper synchronization during socket closure, where a client keeps a socket open while the server is offline...

The vulnerability of the DefaultAzureCredential and ManagedIdentityCredential components of the Azure Identity Libraries and Microsoft Authentication Library allows a perpetrator to escalate their privileges.

The vulnerability of the DefaultAzureCredential and ManagedIdentityCredential components in the Azure Identity Libraries and Microsoft Authentication Library authentication libraries is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow attacke...