The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames

Summary The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. Details When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the allowedCredentials property i...

GHSA-875X-G8P7-5W27 The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames

Summary The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. Details When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the allowedCredentials property i...

The vulnerability of the SAML standard implementation in the Splunk Enterprise platform for operational analysis allows a perpetrator to carry out a brute-force attack.

The vulnerability of the SAML standard implementation in the Splunk Enterprise platform for operational analysis is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...

CVE-2024-40962

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes Shin'ichiro reported that when he's running fstests' test-case btrfs/167 on emulated zoned devices, he's seeing the following NULL pointer dereference in...

CVE-2024-40962 btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes Shin'ichiro reported that when he's running fstests' test-case btrfs/167 on emulated zoned devices, he's seeing the following NULL pointer dereference in...

CVE-2024-40962 btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes Shin'ichiro reported that when he's running fstests' test-case btrfs/167 on emulated zoned devices, he's seeing the following NULL pointer dereference in...

CVE-2024-40962

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes Shin'ichiro reported that when he's running fstests' test-case btrfs/167 on emulated zoned devices, he's seeing the following NULL pointer dereference in...

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - redis: Code injection via Lua script execution environment CVE-2022-24735 - redis: heap overflow in the l...

Advisory ROSA-SA-2024-2447

software: cairo 1.16.0 WASP: ROSA-CHROME packageevrstring: cairo-1.16.0-5 CVE-ID: CVE-2019-6461 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is an assertion problem in the cairoarcindirection function in the cairo-arc.c file. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update...

libreswan: IKEv1 default AH/ESP responder can crash and restart

A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the computeprotokeymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...

libreswan: IKEv1 default AH/ESP responder can crash and restart

A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the computeprotokeymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5679)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...

CVE-2024-36996

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt t...

CVE-2024-36996

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt t...

CVE-2024-36996 Information Disclosure of user names

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt t...

In Jasper 4.2.2 the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability allowing attackers to cause a denial of service attack through a specific image file.

...

openSUSE Security Advisory (SUSE-SU-2024:2200-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : avahi (SUSE-SU-2024:2200-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2200-1 advisory. - CVE-2023-38471: Fixed a reachable assertion in dbussethostname. bsc1216594 - CVE-2023-38469:...

CVE-2024-36484

In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...

CVE-2024-36484 net: relax socket state check at accept time.

In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...