CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

UBUNTU-CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

null -- null

[email protected] reports: On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node....

PrestaShop Path Traversal Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A path traversal vulnerability exists in PrestaShop versions 8.1.0 through prior to 8.1.4, which stems from...

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 A PHP External Variable Modification vulnerab...

SUSE CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

CVE-2024-21892

A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if an unprivileged user has set them while the process is running with elevated privileges, except for CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

CVE-2024-23805

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

CVE-2024-23805

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

Default configuration

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

K000137334: F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability CVE-2024-23805

Security Advisory Description Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and th...

Moderate: Red Hat Security Advisory: sudo security update

A security update for sudo is now available for Red Hat Enterprise Linux 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PT-2024-8049

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue is related to the parsing of maliciously crafted MODEL files in the ASMkern229A.dll library through Autodesk applications. This can lead to the use of uninitialized...

PT-2024-7761

Name of the Vulnerable Software and Affected Versions Autodesk AutoCAD affected versions not specified Description The issue is related to the parsing of maliciously crafted STP files in the stp aim x64 vc15d.dll library through Autodesk applications. This can lead to the use of uninitialized...

Moderate: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Bug Fixes and Enhancements: CVE-2023-28487 sudo: Sudo does no...

The vulnerability of the Gradle plugin for the Quarkus Java framework, which allows a hacker to exploit and disclose protected information

The vulnerability of the Gradle plugin for the Quarkus Java framework is related to the disclosure of information through environment variables. Exploiting this vulnerability allows an attacker to disclose the protected information...

PT-2024-19687 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: A maliciously crafted STP or SLDPRT file, when parsed in ODXSW DLL.dll through Autodesk applications, can be used to access uninitialized variables. This issue, combined with other...