CVE-2024-22653

CVE-2024-22653 concerns yasm with a NULL pointer dereference in yasm_section_bcs_append (section.c). The connected Nessus advisories link the issue to multiple vendors, noting that affected yasm packages in TencentOS Server 4, Unity Linux, CBL Mariner 2.0, Azure Linux, and other distributions may...

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore

An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad aka Sina Ghaaf, 37, and his co-conspirators are said to have breached the computer networks of various organizations in...

PT-2025-28987

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7-test-00004-g478bc2824b45-dirty 564 Description: A flaw exists in the Linux kernel's ring buffer implementation where a commit overrun can lead to a warning being triggered due to a missed event. This...

CVE-2024-9301

A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b14410c6ed395e9cfb9250a...

CVE-2024-42572

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php...

CVE-2024-42567

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2...

CVE-2024-42558

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the bookid parameter at adminmodifyroom.php...

CVE-2024-42566

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php...

CVE-2024-33260

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

CVE-2024-3114

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server...

CVE-2024-30268

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit...

CVE-2024-29897

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with delete or suppressrevision on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. T...

CVE-2024-50944

Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method...

CVE-2024-9004

A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...

CVE-2024-6389

An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions...

CVE-2024-42564

ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete...

CVE-2024-42573

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php...

CVE-2024-42565

ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete...