
3949 matches found

Drupal
added 2024/03/06 12:0 a.m. · 21 views

Registration role - Critical - Access bypass - SA-CONTRIB-2024-015

The Registration role module lets an administrator select a role or multiple roles to automatically assign to new users. The selected role or roles will be assigned to new registrants. The module has a logic error when handling sites that upgraded code and did not run the Drupal update process e....

CVSS 8.8 · AI score 7.2 · EPSS 0.00349
Exploits: 0 · References: 8

BDU FSTEC
added 2024/03/06 12:0 a.m. · 4 views

The vulnerability of the kvm_io_bus_unregister_dev() function in the KVM subsystem of Linux operating systems allows an attacker to cause a service failure.

The vulnerability of the kvm_io_bus_unregister_dev() function in the KVM subsystem of Linux operating systems is related to errors in pointer assignment during device registration. Exploiting this vulnerability can allow an attacker to cause system failures...

CVSS 5.5 · AI score 6.6 · EPSS 0.00238
Exploits: 0 · References: 17 · Affected Software: 2

Positive Technologies
added 2024/03/05 12:0 a.m. · 3 views

PT-2024-26741

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the DisplayPort driver's sysfs nodes being present to the userspace before the completion of typec_altmode_set_drvdata() in dp_altmode_probe(). This can trigger a NUL...

CVSS 5.5 · AI score 5.5 · EPSS 0.00225
Exploits: 0

OSV
added 2024/03/04 10:15 p.m. · 3 views

CVE-2024-1936

The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. Whil...

CVSS 7.5 · AI score 7.5
Exploits: 0 · References: 3

NVD
added 2024/03/04 3:15 p.m. · 8 views

CVE-2024-0686

Rejected reason: Incorrect assignment...

AI score 6.7
Exploits: 0

Prion
added 2024/03/04 3:15 p.m. · 9 views

Authentication flaw

Rejected reason: Incorrect assignment...

AI score 7.5
Exploits: 0

SUSE CVE
added 2024/03/02 5:48 a.m. · 9 views

SUSE CVE-2021-47068

In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d "nfc: fix refcount leak in llcp_sock_connect()" and c33b1cc62 "nfc: fix refcount leak in llcp_sock_bind()" fixed a refcount leak bug in bind/connect but introduced a...

CVSS 7.8 · AI score 6.1 · EPSS 0.00233
Exploits: 0 · References: 12

SUSE CVE
added 2024/03/01 4:7 a.m. · 2 views

SUSE CVE-2021-47012

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siw_alloc_mr Our code analyzer reported a UAF. In siw_alloc_mr(), it calls siw_mr_add_mem(mr,..). In the implementation of siw_mr_add_mem(), mem is assigned to mr->mem and then mem is freed via kfree(mem) if...

CVSS 6.7 · AI score 6.1 · EPSS 0.00268
Exploits: 0 · References: 6

OSV
added 2024/02/28 9:15 a.m. · 2 views

DEBIAN-CVE-2021-47012

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siw_alloc_mr Our code analyzer reported a UAF. In siw_alloc_mr(), it calls siw_mr_add_mem(mr,..). In the implementation of siw_mr_add_mem(), mem is assigned to mr->mem and then mem is freed via kfree(mem) if...

CVSS 7.8 · AI score 5.8 · EPSS 0.00268
Exploits: 0 · References: 1

SUSE CVE
added 2024/02/28 4:2 a.m. · 2 views

SUSE CVE-2021-46904

In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same minor number, causing a double unregistration of the same device. The first unregistration succeeds but the next one results in ...

CVSS 5.5 · AI score 7.6 · EPSS 0.00256
Exploits: 0 · References: 12

OSV
added 2024/02/26 4:27 p.m. · 2 views

CVE-2024-1871

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross site scripting. It i...

CVSS 5.4 · AI score 3.7 · EPSS 0.00505
Exploits: 0 · References: 3

OSV
added 2024/02/26 4:27 p.m. · 2 views

DEBIAN-CVE-2023-52473

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently dereferenced in kfree(tz->tzp)...

CVSS 5.5 · AI score 5.4 · EPSS 0.00272
Exploits: 0 · References: 1

Prion
added 2024/02/26 4:27 p.m. · 30 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently dereferenced in kfree(tz->tzp)...

AI score 7.1 · EPSS 0.00272
Exploits: 0 · References: 3

OSV
added 2024/02/26 4:27 p.m. · 0 views

UBUNTU-CVE-2023-52473

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently dereferenced in kfree(tz->tzp)...

CVSS 5.5 · AI score 6.3 · EPSS 0.00272
Exploits: 0 · References: 11

Debian CVE
added 2024/02/25 2:3 p.m. · 27 views

CVE-2021-46904

In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same minor number, causing a double unregistration of the same device. The first unregistration succeeds but the next one results in ...

CVSS 5.5 · AI score 6.2 · EPSS 0.00256
Exploits: 0

Vulnrichment
added 2024/02/24 9:31 p.m. · 27 views

CVE-2024-1871 SourceCodester Employee Management System Project Assignment Report assignp.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross site scripting. It i...

CVSS 4 · AI score 6.2 · EPSS 0.00505
Exploits: 0 · References: 3

Citrix
added 2024/02/17 12:0 a.m. · 6 views

App Layering - Set Static MAC Address on a Packaging Machine

By default, an App Layering packaging machine will use DHCP to assign an IP address. There is no built-in mechanism to change this behavior to use a statically assigned IP. To work around this, a manually assigned MAC address can be set on a VM Template in your hypervisor. Then an IP address can b...

AI score 7
Exploits: 0

Prion
added 2024/02/16 5:15 p.m. · 9 views

Design/Logic Flaw

Rejected reason: Erroneous assignment...

AI score 7.2
Exploits: 0

Positive Technologies
added 2024/02/16 12:0 a.m. · 3 views

PT-2024-18050 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue was mentioned on Twitter with a rejected reason of erroneous assignment. No further details are provided about the issue itself, such ...

AI score 6.4
Exploits: 0 · References: 2

Positive Technologies
added 2024/02/16 12:0 a.m. · 4 views

PT-2024-18105 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue was mentioned on Twitter with a rejected reason of erroneous assignment. No further details are provided about the nature of the issue...

AI score 6.4
Exploits: 0 · References: 2