CVE-2024-1593

This CVE describes a path traversal vulnerability in the mlflow/mlflow repository caused by improper handling of URL parameters. Attackers can smuggle path traversal sequences using the ';' character in URLs to manipulate the 'params' portion and access unauthorized files or directories. The repo...

FreeBSD : go -- http2: close connections when receiving too many headers (cdb5e0e3-fafc-11ee-9c21-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cdb5e0e3-fafc-11ee-9c21-901b0e9408dc advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an...

Linux kernel on Intel systems is susceptible to Spectre v2 attacks

Overview A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v2 branch history injection BHI are likely affected. An unauthenticated...

CVE-2023-45288 HTTP/2 CONTINUATION flood in net/http

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

The vulnerability of the IBM Cloud Pak for Data Analysis and Management platform, known as CP4D, arises from improper external management of file names or paths. This allows attackers to modify any arbitrary files or data within the system.

The vulnerability of the IBM Cloud Pak for Data Analysis and Management platform CP4D is related to improper external management of file names or paths. Exploiting this vulnerability could allow a attacker to modify any arbitrary files or data within the system...

CVE-2024-2193

A new cache speculation vulnerability, known as Spectre-SRC Speculative Race Conditions, was found in hw. Spectre-SRC is similar to the Spectre v1 and allows speculative use-after-free. The difference between this issue and Spectre V1 is that this issue is based on synchronization primitives with...

BIT-TENSORFLOW-2021-37687 Heap OOB in TensorFlow Lite's `Gather*` implementations

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's GatherNd implementation does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with...

The vulnerability of the Hitachi Storage Plug-in for VMware vCenter, related to the incorrect use of standard permissions, allows a malicious actor to read and update arbitrary data.

The vulnerability of the Hitachi Storage Plug-in for VMware vCenter is related to the incorrect use of standard permissions. Exploiting this vulnerability allows an attacker to read and update arbitrary data...

DEBIAN-CVE-2023-36177

An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API...

The vulnerability of the APK-reverse engineering tool Apktool in Android systems arises from incorrect path name restrictions for restricted directories. This allows attackers to write or overwrite arbitrary data.

The vulnerability of the APK-reverse engineering tool Apktool relates to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a perpetrator to write or overwrite arbitrary data...

Bosch Nexo cordless nutrunner security breach

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows an unauthenticated, remote attacker to read arbitrary content from the results database...

PT-2024-1493 · Nexo-Os · Nexo-Os

Name of the Vulnerable Software and Affected Versions: NEXO-OS affected versions not specified Description: The issue allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. This is related to a lack of protection for the SQL query...

GLSA-202311-08 : GNU Libmicrohttpd: Buffer Overflow Vulnerability

The remote host is affected by the vulnerability described in GLSA-202311-08 GNU Libmicrohttpd: Buffer Overflow Vulnerability - A flaw was found in libmicrohttpd. A missing bounds check in the postprocessurlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary...

RHEL 8 : squid:4 (RHSA-2023:7213)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7213 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Deni...

NVIDIA Windows GPU Display Driver (October 2023)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A...

CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...

Input validation

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...

CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...