CVE-2024-49898

CVE-2024-49898 affects the Linux kernel’s drm/amd/display component. The root cause is that drr_timing and subvp_pipe are initialized to null and are not consistently re-assigned before being dereferenced, leading to two FORWARD_NULL issues reported by Coverity. The issue is addressed by kernel f...

CVE-2024-49892 drm/amd/display: Initialize get_bytes_per_element's default to 1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize getbytesperelement's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. bytesperelementy & bytesperelementc are initialized by getbytesperelement whic...

CVE-2024-49892

CVE-2024-49892 (Linux kernel) : Affects the DRM/AMD display path. The bug was caused by get_bytes_per_element() potentially returning 0, leading to multiple DIVIDE_BY_ZERO errors. The patch initializes the default to 1, ensuring bytes_per_element_y and bytes_per_element_c are never denominators o...

CVE-2024-47708 netkit: Assign missing bpf_net_context

In the Linux kernel, the following vulnerability has been resolved: netkit: Assign missing bpfnetcontext During the introduction of struct bpfnetcontext handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKITREDIRECT invokes skbdoredirect which is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of uninitialized variables in the drm/amd/display driver, which could lead to null pointer...

PT-2024-33738

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the drm/amd/display component. The issue involves null-initialized variables drr timing and subvp pipe, which are...

CVE-2024-45711

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication...

CVE-2024-45711 SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication...

CVE-2024-45711

CVE-2024-45711 affects SolarWinds Serv-U FTP Server. The vulnerability is a directory traversal that can lead to remote code execution when an authenticated user abuses environment variables. Authentication is required, and impact is conditioned on privileges granted to the user. Several connecte...

CVE-2024-45711 SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication...

Qnap QTS Bash OS Command Injection (CVE-2014-6271)

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

Qnap QTS Bash OS Command Injection (CVE-2014-7169)

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...

GHSA-R9MQ-3C9R-FMJQ Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy

Description Path traversal This vulnerability allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the...

CVE-2024-48914

Summary (CVE-2024-48914): Vendure’s asset server plugin allows an attacker to traverse the server filesystem and read arbitrary files, including configs and environment data, due to using the decoded request path directly in path.join (no normalization). A second vector in the same code path can ...

CVE-2024-48914 Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

CVE-2024-48914 Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

PT-2024-33057 · Wavelog · Wavelog

Name of the Vulnerable Software and Affected Versions: Wavelog version 1.8.5 Description: The issue is an SQL injection vulnerability in the Activated gridmap model.php file. This vulnerability can be exploited through the band, sat, propagation, or mode variables. Recommendations: For Wavelog...

OESA-2024-2245 opensc security update

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to sma...

drm/amd/display: Add null checker before passing variables

...

Expected Behavior Violation

@backstage/plugin-app-backend is vulnerable to Expected Behavior Violation. The vulnerability is due to the handling of APPCONFIG environment variables, which ignores the visibility defined in the configuration schema. Note: This was an intended feature of the APPCONFIG way of supplying...