981 matches found

UbuntuCve
added 2024/12/25 5:15 p.m. | 5 views

CVE-2024-56431

oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.01786
Exploits: 1 | References: 5

UbuntuCve
added 2024/12/25 10:15 a.m. | 13 views

CVE-2024-52046

The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious...

CVSS: 10 | AI score: 7.6 | EPSS: 0.23932
Exploits: 0 | References: 3

UbuntuCve
added 2024/12/24 12:0 a.m. | 4 views

CVE-2024-53158

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get. This loop is supposed to break if the frequency returned from clk_round_rate is the same as on the previous iteration. However, that check doesn't make sense on the first...

CVSS: 5.5 | AI score: 6.3 | EPSS: 0.00257
Exploits: 0 | References: 44

UbuntuCve
added 2024/12/23 4:15 p.m. | 10 views

CVE-2024-56201

Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability...

CVSS: 8.8 | AI score: 7 | EPSS: 0.00298
Exploits: 0 | References: 6

UbuntuCve
added 2024/12/23 12:15 a.m. | 2 views

CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00609
Exploits: 1 | References: 4

UbuntuCve
added 2024/12/18 11:15 p.m. | 146 views

CVE-2024-53580

iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters function...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00893
Exploits: 1 | References: 5

UbuntuCve
added 2024/12/18 12:0 a.m. | 5 views

CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

CVSS: 7.4 | AI score: 7 | EPSS: 0.00551
Exploits: 0 | References: 2

CBLMariner
added 2024/12/17 11:15 p.m. | 13 views

CVE-2024-24786 affecting package flannel for versions less than 0.24.2-8

CVE-2024-24786 affecting package flannel for versions less than 0.24.2-8. A patched version of the package is available...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.01262
Exploits: 0

CBLMariner
added 2024/12/17 11:15 p.m. | 17 views

CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1

CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1. An upgraded version of the package is available that resolves this issue...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.01379
Exploits: 0

UbuntuCve
added 2024/12/12 12:0 a.m. | 9 views

CVE-2024-47539

GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loo...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00975
Exploits: 0 | References: 4

UbuntuCve
added 2024/12/12 12:0 a.m. | 16 views

CVE-2024-47778

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. ...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00822
Exploits: 0 | References: 4

UbuntuCve
added 2024/12/12 12:0 a.m. | 12 views

CVE-2024-47606

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.01344
Exploits: 0 | References: 5

UbuntuCve
added 2024/12/12 12:0 a.m. | 12 views

CVE-2024-47603

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matroska-demux.c. The vulnerability occurs when the gst_caps_is_equal function is called with invalid caps...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00848
Exploits: 0 | References: 4

UbuntuCve
added 2024/12/12 12:0 a.m. | 13 views

CVE-2024-47600

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the format_channel_mask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...

CVSS: 9.1 | AI score: 6.7 | EPSS: 0.01101
Exploits: 0 | References: 5

CBLMariner
added 2024/12/11 7:24 a.m. | 12 views

CVE-2024-50168 affecting package kernel for versions less than 5.15.173.1-1

CVE-2024-50168 affecting package kernel for versions less than 5.15.173.1-1. An upgraded version of the package is available that resolves this issue...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00221
Exploits: 0

UbuntuCve
added 2024/12/11 12:0 a.m. | 243 views

CVE-2024-11053

When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...

CVSS: 3.4 | AI score: 6.8 | EPSS: 0.01351
Exploits: 1 | References: 3

UbuntuCve
added 2024/12/10 5:15 p.m. | 6 views

CVE-2024-46657

Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00317
Exploits: 1 | References: 5

Debian CVE
added 2024/12/07 6:40 a.m. | 18 views

CVE-2024-53143

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00208
Exploits: 1

CBLMariner
added 2024/12/06 4:2 p.m. | 5 views

CVE-2022-28737 affecting package shim-unsigned-aarch64 for versions less than 15.8-5

CVE-2022-28737 affecting package shim-unsigned-aarch64 for versions less than 15.8-5. An upgraded version of the package is available that resolves this issue...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.00332
Exploits: 0

UbuntuCve
added 2024/12/06 12:15 a.m. | 8 views

CVE-2024-6156

Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store...

CVSS: 3.8 | AI score: 5.8 | EPSS: 0.00155
Exploits: 1 | References: 1