3949 matches found

Cvelist
added 2024/05/03 2:11 a.m. | 20 views

CVE-2023-40516 LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability

LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of LG Simple Editor. An attacker must first obtain the ability to execute low-privileged code on the target system ...

CVSS 7.8 | AI score 8.1 | EPSS 0.0023
Exploits: 0 | References: 1

SUSE CVE
added 2024/05/03 2:9 a.m. | 1 view

SUSE CVE-2024-26930

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer. Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL...

CVSS 7.8 | AI score 6.4 | EPSS 0.00239
Exploits: 0 | References: 96

OSV
added 2024/05/01 6:15 a.m. | 1 view

DEBIAN-CVE-2024-26930

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer. Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL...

CVSS 7.8 | AI score 5.6 | EPSS 0.00239
Exploits: 0 | References: 1

RedHat Linux
added 2024/04/30 9:57 a.m. | 4 views

kernel: bpf: reject unhashed sockets in bpf_sk_assign

A reference counting flaw was found in the Linux kernel's BPF socket assignment helper when handling unhashed UDP sockets. When a BPF program assigns an unhashed UDP socket to a packet, the function increments the socket reference count assuming SOCK_RCU_FREE isn't set. However, subsequent bind or...

CVSS 5.5 | AI score 7.2 | EPSS 0.00143
Exploits: 0 | References: 5

SUSE CVE
added 2024/04/30 2:26 a.m. | 3 views

SUSE CVE-2022-48637

In the Linux kernel, the following vulnerability has been resolved: bnxt: prevent skb UAF after handing over to PTP worker. When reading the timestamp is required, bnxt_tx_int() hands over the ownership of the completed skb to the PTP worker. The skb should not be used afterwards, as the worker may run...

CVSS 5.5 | AI score 6.2 | EPSS 0.00227
Exploits: 0 | References: 8

NVD
added 2024/04/29 9:15 a.m. | 16 views

CVE-2024-3375

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84...

CVSS 9.4 | AI score 9.4 | EPSS 0.00465
Exploits: 0 | References: 2

Vulnrichment
added 2024/04/29 9:0 a.m. | 11 views

CVE-2024-3375 Broken Access Control in Havelsan's Dialogue

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84...

CVSS 9.4 | AI score 5.8 | EPSS 0.00465
Exploits: 0 | References: 2

Cvelist
added 2024/04/29 9:0 a.m. | 27 views

CVE-2024-3375 Broken Access Control in Havelsan's Dialogue

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84...

CVSS 9.4 | AI score 9.5 | EPSS 0.00465
Exploits: 0 | References: 2

CVE
added 2024/04/29 9:0 a.m. | 59 views

CVE-2024-3375

CVE-2024-3375 affects Havelsan Inc. Dialogue. Root cause: Incorrect Permission Assignment for Critical Resource due to ACL misconfigurations that allow accessing functionality not properly constrained. Affected versions: Havelsan Dialogue 1.83 (before 1.83.1) and 1.84. Remediation: upgrade 1.83 l...

CVSS 9.4 | AI score 5.8 | EPSS 0.00465
Exploits: 0 | References: 2

Tenable Nessus
added 2024/04/29 12:0 a.m. | 17 views

Fedora 40 : chisel (2023-b29031a7aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b29031a7aa advisory. Automatic update for chisel-1.9.0-1.fc40. Changelog Sun Aug 20 2023 Filipe Rosset - 1.9.0-1 - Update to 1.9.0 fixes rhbz2113146 rhbz2163065...

CVSS 9.3 | AI score 7.4 | EPSS 0.05623
Exploits: 4 | References: 8

Veracode
added 2024/04/25 5:36 a.m. | 15 views

Incorrect Permission Assignment

github.com/rancher/rancher is vulnerable to Incorrect Permission Assignment. The vulnerability is due to a flaw where users were granted access to resources regardless of the resource's API group, leading to unauthorized access and modification capabilities across various resources...

CVSS 8.8 | AI score 8.6 | EPSS 0.01051
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2024/04/24 8:3 p.m. | 25 views

GHSA-R76G-G87F-VW8F Kubelet Incorrect Privilege Assignment

In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. ...

CVSS 4.9 | AI score 7.6 | EPSS 0.00599
Exploits: 1 | References: 9

Github Security Blog
added 2024/04/24 8:3 p.m. | 25 views

Kubelet Incorrect Privilege Assignment

In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. ...

CVSS 7.8 | AI score 7.1 | EPSS 0.00599
Exploits: 1 | References: 8 | Affected Software: 1

VulnCheck KEV
added 2024/04/23 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2024-32959

Incorrect Privilege Assignment vulnerability in Sirv CDN and Image Hosting Sirv sirv. This issue affects Sirv: from n/a through = 7.2.2...

CVSS 8.8 | AI score 5.8 | EPSS 0.00434
Exploits: 0 | References: 1

RedHat Linux
added 2024/04/22 8:58 a.m. | 4 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/22 8:58 a.m. | 2 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/22 8:54 a.m. | 4 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/22 8:51 a.m. | 2 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/22 8:49 a.m. | 3 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/22 8:41 a.m. | 8 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00226
Exploits: 0 | References: 6