CVE-2024-38614

CVE-2024-38614 affects the Linux kernel OpenRISC traps handling. The issue: trap handling could send signals to kernel-mode threads (not user processes), which should not occur; it may be treated as an error when it happens. The patch adds explicit checks to terminate/die when these exceptions ar...

CVE-2024-36970 wifi: iwlwifi: Use request_module_nowait

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use requestmodulenowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

Takes in a ip list and you...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919 An Vulnerability detection and Exploitation too...

CVE-2024-36932 thermal/debugfs: Prevent use-after-free from occurring after cdev removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

PT-2024-9313

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free vulnerability in the cachefiles component of the Linux kernel. This vulnerability can be exploited to potentially elevate privileges. The...

The vulnerability of the MPTCP protocol implementation in Linux kernel’s mptcp_copy_inaddrs() function allows a attacker to cause a service failure.

The vulnerability in the implementation of the MPTCP protocol in Linux kernel relates to the assignment of a zero pointer in the function mptcpcopyinaddrs in the net/mptcp/protocol.c module, during the processing of the list of nested threads when disabling them. Exploiting this vulnerability can...

Fedora: Security Advisory for glib2 (FEDORA-2024-635a54eb7e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-d198253c42)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-30186 · Mintplex · Anything-Llm

Name of the Vulnerable Software and Affected Versions: Mintplex-Labs' anything-llm application affected versions not specified Description: The application is vulnerable to improper neutralization of special elements used in an expression language statement. This vulnerability arises from the...

CVE-2023-52836

In the Linux kernel, the following vulnerability has been resolved: locking/wwmutex/test: Fix potential workqueue corruption In some cases running with the test-wwmutex code, I was seeing odd behavior where sometimes it seemed flushworkqueue was returning before all the work threads were finished...

CVE-2021-47411

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47411

Removed by vendor...

CVE-2024-36000

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

Subhunter - A Fast Subdomain Takeover Tool

Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain to a website that performs malicious activities, such as phishing campaigns, stealing user cookies, etc. It occurs when...

CVE-2024-4764

Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox 126...

CVE-2024-4764

Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox 126...

CVE-2024-4764

Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox 126...

CVE-2024-4764

Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox 126...

[SECURITY] Fedora 39 Update: glib2-2.78.6-1.fc39

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system...