8527 matches found
EulerOS Virtualization 2.10.1 : python-jinja2 (EulerOS-SA-2024-2147)
According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing...
EulerOS Virtualization 2.10.0 : python-jinja2 (EulerOS-SA-2024-2127)
According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing...
SUSE CVE-2024-43836
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: pse-pd: Fix possible null-deref Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified. The c33 or PoDL PSE capabilities are already validated in t...
FRRouting 安全漏洞
FRRouting is the FRRouting open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 10.1 and earlier, which stems from bgpattrencap in bgpd/bgpattr.c that does not check the actual remaining stream length before obtainin...
PT-2024-6046 · Frrouting +5 · Frrouting +5
Name of the Vulnerable Software and Affected Versions: FRRouting versions through 10.1 Description: An issue was discovered in the bgp attr encap function in the bgpd/bgp attr.c file, which does not check the actual remaining stream length before taking the TLV value. This can allow a remote...
CVE-2024-43836
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: pse-pd: Fix possible null-deref Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified. The c33 or PoDL PSE capabilities are already validated in t...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly deregister the sysfs attribute before calling the deactivate function...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
A vulnerability was found in the icebridgesetlink function in the Linux kernel. A missing check to verify whether the nlmsgfindattr function returns NULL or not could lead to a NULL pointer dereference, system instability, or crashes...
REXML: DoS parsing an XML with many `<`s in an attribute value
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...