PT-2025-34937

Name of the Vulnerable Software and Affected Versions: Kea versions 2.7.1 through 2.7.9 Kea version 3.0.0 Kea version 3.1.0 Description: If a DHCPv4 client sends a request with specific options and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an...

CVE-2024-56705

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgbydata memory allocation failure In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may trigger the...

UBUNTU-CVE-2024-56705

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgbydata memory allocation failure In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may trigger the...

UBUNTU-CVE-2024-56635

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in defaultoperstate syzbot reported an UAF in defaultoperstate 1 Issue is a race between device and netns dismantles. After calling rtnlunlock from netdevruntodo, we can not assume the netns of each devic...

Reachable assertion in avahi_rdata_parse

...

Reachable assertion in avahi_escape_label

...

Reachable assertion in dbus_set_host_name

...

Reachable assertion in avahi_alternative_host_name

...

Reachable assertion in avahi_dns_packet_append_record

...

PT-2024-13004 · Miniorange · Miniorange Saml Sp Single Sign On

Name of the Vulnerable Software and Affected Versions: miniOrange SAML SP Single Sign On versions prior to 5.0.4 Description: The issue affects the miniOrange SAML SP Single Sign On plugin, allowing for broken access control due to missing authorization. This enables exploitation of incorrectly...

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 CVE-2024-8354: Fixed assertion failure in usbepget in usb bsc1230834 CVE-2024-8612: Fixed information leak in virtio devices...

SUSE-SU-2024:4304-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 - CVE-2024-8354: Fixed assertion failure in usbepget in usb bsc1230834 - CVE-2024-8612: Fixed information leak in virtio devic...

CVE-2022-35205

...

gRPC: Reachable Assertion

A flaw was found in the gRPC library. Affected versions of this package are vulnerable to a reachable assertion, causing the abort function to be called and resulting in a denial of service...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from Bluetooth firmware mishandling of exceptions, which may result in firmware assertion...

Fedora 40 : php (2024-e0d390d35b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e0d390d35b advisory. PHP version 8.3.14 21 Nov 2024 CLI: Fixed bug GH-16373 Shebang is not skipped for router script in cli-server started through shebang. ilutov Fixed...

Reachable Assertion

libsndfile.so is vulnerable to Reachable Assertion. The vulnerability is due to improper handling of certain inputs or conditions in the mpegl3encoderclose function, which allows an attacker to craft specific inputs that trigger the assertion failure, potentially causing the application to crash...

CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...

DEBIAN-CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...

CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...