CVE-2024-7297 Langflow Privilege Escalation

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint...

CVE-2024-7297 Langflow Privilege Escalation

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint...

AZL-48111 CVE-2024-42123 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free erraddr pointer warnings In amdgpuumcbadpagepollingtimeout, the amdgpuumchandlebadpages will be run many times so that double free erraddr in some special case. So set the erraddr to NULL to avoid the...

PT-2024-28300 · Unknown · Mini-Deep-Assign

Name of the Vulnerable Software and Affected Versions: mini-deep-assign version 0.0.8 Description: The issue allows an attacker to execute arbitrary code or cause a Denial of Service DoS and cause other impacts via the assign method. This method is located at /lib/index.js:91. Recommendations: Fo...

NI FlexLogger Redis Server Incorrect Permission Assignment Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2024-42089 ASoC: fsl-asoc-card: set priv->pdev before using it

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: set priv-pdev before using it priv-pdev pointer was set after being used in fslasoccardaudmuxinit. Move this assignment at the start of the probe function, so sub-functions can correctly use pdev through priv...

DEBIAN-CVE-2024-42081

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xedevcoredump: Check NULL before assignments Assign 'xedevcoredumpsnapshot ' and 'xedevice ' only if 'coredump' is not NULL. v2 - Fix commit messages. v3 - Define variables before code.Ashutosh/Jose v4 - Drop return check...

CVE-2024-41139

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privile...

CVE-2024-41139

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privile...

CVE-2024-41139

CVE-2024-41139 involves SKYSEA Client View, affected versions 6.010.06 to 19.210.04e. The vulnerability is an incorrect privilege assignment that allows a user who can log in to the Windows client host to drop a specially crafted DLL into a specific folder, enabling arbitrary code execution with ...

CVE-2024-41139

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privile...

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

Mozilla: Race condition in permission assignment

The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining permissions of the top-level origin...

The vulnerability of the PowerScale OneFS operating system, related to incorrect privilege assignment, allows a perpetrator to trigger a service failure and increase their privileges.

The vulnerability of the PowerScale OneFS operating system is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to cause service failures and increase their privileges...

The vulnerability of the PowerScale OneFS operating system, related to incorrect privilege assignment, allows attackers to elevate their privileges.

The vulnerability of the PowerScale OneFS operating system is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

Mageia: Security Advisory (MGASA-2024-0274)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0274 Updated thunderbird packages fix security vulnerabilities

Memory corruption in WebGL API. CVE-2024-6600 Race condition in permission assignment. CVE-2024-6601 Memory corruption in thread creation. CVE-2024-6603 Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. CVE-2024-6604...