[SECURITY] Fedora 39 Update: rust-cargo-insta-1.38.0-2.fc39
A review tool for the insta snapshot testing library for Rust...
[SECURITY] Fedora 39 Update: python3.6-3.6.15-28.fc39
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
CVE-2024-24919-Check-Point-Remote-Access-VPN CVE-2024-24919...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
CVE-2024-24919-POC Read about it - https://nvd.nist.gov/...
[SECURITY] Fedora 40 Update: python3.6-3.6.15-30.fc40
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
CVE-2024-36118
MeterSphere is a test management and interface testing tool. In affected versions users without workspace permissions can view functional test cases of other workspaces beyond their authority. This issue has been addressed in version 2.10.15-lts. Users of MeterSphere are advised to upgrade. There...
CVE-2024-36118 Unauthorized viewing of workspace test cases in MeterSphere
MeterSphere is a test management and interface testing tool. In affected versions users without workspace permissions can view functional test cases of other workspaces beyond their authority. This issue has been addressed in version 2.10.15-lts. Users of MeterSphere are advised to upgrade. There...
CVE-2024-36118
MeterSphere (test management/interface testing tool) contains an information-disclosure flaw where users lacking workspace permissions could view functional test cases from other workspaces. The issue is remedied in version 2.10.15-lts; upgrade recommended. No exploit details are provided in the ...
CVE-2024-36896
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal. Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to is concurrently removed, but...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
Checkpoint POC Exploit for testing purposes to retrieve sen...
PT-2024-40408 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: An issue has been found where calling a PHP script, delivered with TYPO3 for testing purposes, reveals the absolute server path to the TYPO3 installation. Recommendations: At the moment, there...
CVE-2021-47433
A vulnerability was found in the btrfs file system's btrfs_replace_file_extents function within the Linux kernel. This issue potentially leads to an abort logic failure, impacting the integrity and stability of file operations...
Fedora: Security Advisory for rust-cargo-insta (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] Fedora 40 Update: rust-cargo-insta-1.38.0-2.fc40
A review tool for the insta snapshot testing library for Rust...
UK PSTI? You’ll need a Vulnerability Disclosure Program!
If you are distributing or selling smart devices into the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act. One of the three mandatory areas is that you have a vulnerability disclosure program (VDP). In the supporting materials for the Act,...
UBUNTU-CVE-2021-47476
In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths. The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
CVE-2021-47433
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfs_replace_file_extents. Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...
CVE-2021-47433
The CVE-2021-47433 issue is in the Linux kernel's btrfs code: an incorrect abort condition in the btrfs_replace_file_extents path could cause filesystem corruption with a missing extent in the middle of a file. The root cause is an abort decision that only checked ret != -EOPNOTSUPP in certain pa...
CVE-2023-52855 usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency. In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue(): spin_lock_irqsave(&hsotg->lock, flags);...
CVE-2023-52855
CVE-2023-52855: Linux kernel USB-DWC2 driver race condition. When _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() run concurrently, urb->hcpriv can be NULL-checked before urb->hcpriv is assigned NULL, enabling a NULL dereference in dwc2_hcd_urb_dequeue. The connected documents confirm t...