2746 matches found
The vulnerability of the HDMI component in the Linux operating system’s kernel allows for a malfunction to occur, leading to service failure.
The vulnerability of the HDMI component in the Linux operating system is related to the cancellation of device code registration when binding is revoked. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-47070
CVE-2024-47070 affects authentik (open-source identity provider) versions prior to 2024.8.3 and 2024.6.5. An authentication bypass exists when an attacker-supplied X-Forwarded-For header contains an unparsable value (e.g., a), which can bypass the password stage due to a policy binding flaw and a...
CVE-2024-47176 cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDRANY:631, causing it to trust any packet from any source, and can cause t...
kernel: x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
A memory leak was found in the Linux kernel's Xen SMP interrupt initialization functions for x86 architectures. When interrupt handler binding fails during setup, the error path frees various resources but neglects to free dynamically allocated interrupt name strings created via kasprintf. This...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance CSA Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...
SUSE CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
Security Bulletin: Vulnerability in Spring Framework affects IBM watsonx.data
Summary Spring Framework running on Tomcat as a WAR deployment with JDK 9 or higher using spring-webmvc or spring-webflux could allow a remote attacker to execute arbitrary code on the system, caused by the improper handling of PropertyDescriptor objects used with data binding. This may affect IB...
CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
DEBIAN-CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
UBUNTU-CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
CVE-2024-46795 ksmbd: unset the binding mark of a reused connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
CVE-2024-46795 ksmbd: unset the binding mark of a reused connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
LLama cpp python binding < 0.2.88 Arbitrary Write Vulnerability
The version of llama.cpp installed on the remote host is prior to 0.2.88. It is, therefore, affected by an arbitrary write vulnerability. This vulnerability was combined with another arbitrary address read vulnerability to achieve RCE, demonstrating the significant impact of the vulnerability. No...
CLSA-2024-1726314403 Update of httpd
modproxy: Fix ProxySourceAddress binding failure with AH00938...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2016-3714link is external ImageMagick Improper Input Validation Vulnerability CVE-2017-1000253link is external Linux Kernel PIE Stack Buffer Corruption...
SUSE CVE-2024-44967
In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...
CVE-2024-44967
In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...
kernel: x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
A memory leak was found in the Linux kernel's Xen SMP interrupt initialization functions for x86 architectures. When interrupt handler binding fails during setup, the error path frees various resources but neglects to free dynamically allocated interrupt name strings created via kasprintf. This...
PT-2024-25079 · Qualcomm · Snapdragon +92
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...