Linux Distros Unpatched Vulnerability : CVE-2024-36138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via childprocess.spawn /...

ALPINE-CVE-2024-36138

Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via childprocess.spawn / childprocess.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option i...

CVE-2024-31992 Mealie contains a DoS vulnerability in recipe importer

Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safescrapehtml function utilizes a user-controlled URL to issue a request to a remote server, however these requests are not rate-limited. While there are efforts to prevent DDoS by implementing a timeout on requests, it...

SUSE CVE-2024-27980

Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...

CVE-2024-26684 net: stmmac: xgmac: fix handling of DPP safety error for DMA channels

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 "net: stmmac: Implement Safety Features in XGMAC core" checks and reports safety errors, but leaves the Data Path Parity Errors for each...