74 matches found
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-38619)
usb-storage: alauda: Check whether the media is initialized. The member uzonesize of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. This plugin only works with Tenable.ot. Please visit...
EUVD-2022-3228
Malicious code in bioql PyPI...
EUVD-2022-2602
Malicious code in bioql PyPI...
CVE-2019-16575
A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...
kernel: usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()
An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alaudacheckmedia, the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...
kernel: usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
kernel: usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
SUSE CVE-2024-38619
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
CVE-2024-38619
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
DEBIAN-CVE-2024-38619
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
UBUNTU-CVE-2024-38619
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
CVE-2024-38619 usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
CVE-2024-38619 usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
CVE-2024-38619 usb-storage: alauda: Check whether the media is initialized
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
CVE-2024-38619
CVE-2024-38619 (Linux kernel, usb-storage alauda) : The issue arises in the alauda media handling where the field uzonesize can stay zero if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). The fix, as described in the description, adds a ...
CVE-2024-38619
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...
kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()
An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alaudacheckmedia, the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...
GHSA-5HVR-3FCR-WX8C Cross-Site Request Forgery in Jenkins Alauda Kubernetes Suport Plugin
A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials...