CVE-2024-8354

CVE-2024-8354 affects QEMU: a flaw in usb_ep_get() (hw/net/core.c) could allow a malicious unprivileged guest to crash the host QEMU process and cause a denial of service. The connected advisories (EulerOS-SA-2026-1195/1144, Tencent/Amazon/Linux/Nessus references, Ubuntu USN-7744-1, etc.) corrobo...

SUSE CVE-2024-46734

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

CVE-2024-46734 btrfs: fix race between direct IO write and fsync when using same fd

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

CLSA-2024-1726583188 bind: Fix of 2 CVEs

CVE-2024-4076: avoid assertion failure from client queries triggering stale data and needing local zone lookups - CVE-2024-1975: remove support for SIG0 message verification...

PT-2024-33922

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the drm/xe/oa component. The issue arises when the xe bb create job function appends a MI BATCH BUFFER END to the...

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server allows a perpetrator to gain access to a user account with administrator privileges.

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to gain access to a user account with administrator...

The vulnerability of the avahi_dns_packetAppendRecord() function in the Avahi service discovery system, related to the reachable assertion, allows a attacker to cause a service failure.

The vulnerability of the avahidnspacketAppendRecord function in the Avahi service discovery system is related to a reachable assertion. Exploiting this vulnerability allows an attacker to cause a service failure...

The vulnerability of the dbus_set_host_name() function in the Avahi local service detection system, related to an achievable assertion that allows a attacker to cause a service failure.

The vulnerability of the dbussethostname function in the Avahi local service detection system is related to a reachable proof. Exploiting this vulnerability allows an attacker to cause a service failure...

Triggerable assertion due to race condition in hot-unplug

...

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.

...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature through the incorrect XPath selector due to improper verification of the SAML Response signature. An attacker with access to any signed SAML document can forge a SAML Response/Assertion...

PT-2024-6310 · Gitlab +2 · Gitlab +2

Name of the Vulnerable Software and Affected Versions: Ruby-SAML versions prior to 1.17.0 Ruby-SAML versions 1.13.0 through 1.16.0 GitLab versions prior to 17.3.3, 17.2.7, 17.1.8, 17.0.8, and 16.11.10 Description: The vulnerability is related to the Ruby SAML library, which is used for implementi...

NewStart CGSL MAIN 6.02 : dbus Vulnerability (NS-SA-2024-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by a vulnerability: - An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection dbus-monitor, busctl monitor, gdbus monitor, or similar is...

Red Hat Keycloak 授权问题漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An authorization issue vulnerability exists in Red Hat Keycloak that stems from a session fixation issue discovered in the SAML adapter. Even i...

openSUSE Security Advisory (SUSE-SU-2024:3114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: ffmpeg / ffmpeg-private-devel / libavcodec-devel / libavcodec57 / etc (SUSE-SU-2024:3114-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3114-1 advisory. - CVE-2020-22027: Fixed heap-based Buffer Overflow vulnerability exits in deflate16 at...

SUSE-SU-2024:3114-1 Security update for ffmpeg

This update for ffmpeg fixes the following issues: - CVE-2020-22027: Fixed heap-based Buffer Overflow vulnerability exits in deflate16 at libavfilter/vfneighbor.c bsc1186607 - CVE-2021-38291: Fixed an assertion failure at src/libavutil/mathematics.c bsc1189428 - CVE-2023-51798: Fixed floating poi...

BIND TSIG Badtime Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TSIG Badtime Query Denial of Service', 'Description' = %q A logic error in code which checks TSIG validity can be used to trigger an asserti...

BIND TKEY Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TKEY Query Denial of Service', 'Description' = %q This module sends a malformed TKEY query, which exploits an error in handling TKEY queries...

PT-2024-7400

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in QEMU, related to an assertion failure in the usb ep get function in hw/net/core.c when trying to get the USB endpoint from a USB device. This issue may allow a malicious...