UBUNTU-CVE-2024-50090
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer. By default xe_bb_create_job appends a MI_BATCH_BUFFER_END to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at eac...
CVE-2024-50090 drm/xe/oa: Fix overflow in oa batch buffer
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer. By default xe_bb_create_job appends a MI_BATCH_BUFFER_END to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at eac...
CVE-2024-50090
The CVE-2024-50090 entry concerns the Linux kernel, specifically the drm/xe/oa path. The issue arises when OA reuses a batch buffer and appends MI_BATCH_BUFFER_END on every call, causing an overflow as bb->len * 4 + bb_prefetch(q->gt) grows beyond the allocated size. The provided connected ...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the drm/xe/oa module due to a batch buffer overflow as a result of repeated appending of the...
This Week in Spring - October 29th, 2024
Hi, Spring fans! How're things? It's almost Halloween! I'm so excited! I'm going as a PHP program. Boooooooo...t. I'm writing this from the amazing Vaadin Create conference in Frankfurt, Germany, about to do my keynote for an amazing, Spring-loving audience here. So, without further ado, let's di...
CVE-2024-50311
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
CVE-2024-44991
...
This Week in Spring - October 15th, 2024
Hi, Spring fans! Welcome to another rip-roaring and ever-so-riveting installment of This Week in Spring! I'm in Amsterdam, at the moment, rounding out a week between Antwerp, Belgium, and Amsterdam, the Netherlands. Today I'm off to Dubai for the fantastic GITEX/DevSlam event. Then I return back ...
Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus
CVE-2021-40539 CVE-2021-40539: ADSelfService Plus RCE Vulner...
CentOS 7 : ipa (RHSA-2020:0378)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0378 advisory. - A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that...
From Spring Cloud Data Flow 2.11.x to 3.0
Dear Spring Community, With the recent announcement of Spring Framework 7.0 and Spring Boot 4.0, the Spring Cloud Data Flow team is pleased to announce the next major release, SCDF 3.0, to align with both Spring Framework 7.0 and Spring Boot 4.0. This will bring the following SCDF ecosystem of...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit Generator Created by: tech...
Security Bulletin: Vulnerability in Node.js affects IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition (CVE-2024-36138)
Summary: Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition. Information about security vulnerabilities affecting Node.js has been published in a security bulletin. This bulletin identifies the...
Rockwell FactoryTalk Batch View < 3.00 Authentication Bypass
The version of Rockwell FactoryTalk Batch View installed on the remote Windows host is prior to 3.00. It is, therefore, affected by a vulnerability. - An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could...
Rockwell FactoryTalk Batch View Installed (Windows)
Binary data rockwellfactorytalkbatchviewinstalled.nbin...
PT-2024-33922
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel, specifically in the drm/xe/oa component. The issue arises when the xe_bb_create_job function appends a MI_BATCH_BUFFER_END to the...
A vulnerability in the FactoryTalk Batch View software for real-time process control and monitoring is related to deficiencies in authentication procedures, allowing attackers to circumvent existing security restrictions.
A vulnerability in the FactoryTalk Batch View software for managing and monitoring manufacturing processes in real time is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions remotely...
Internet Bug Bounty: `std::process::Command` batch files argument escaping could be bypassed with trailing whitespace or periods
The Rust Security Response WG disclosed a vulnerability in the std::process::Command module on Windows, where it incorrectly escaped arguments when invoking batch files. This allowed for bypassing the fix by including trailing whitespace or periods in the batch file name, which are ignored and...