CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

DEBIAN-CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9400

A memory corruption vulnerability (CVE-2024-9400) can be triggered by triggering an OOM at a specific moment during JIT compilation, affecting Firefox versions before 131, Firefox ESR before 128.3, Thunderbird before 128.3, and Thunderbird before 131. The issue has been acknowledged in multiple a...

Exploit for Use After Free in Apple Macos

EN GenEtherExploit is a Proof-of-Concept PoC exploit for t...

stb: Multiple Vulnerabilities

Background A set of single-file public domain or MIT licensed libraries for C/C++ Description Multiple vulnerabilities have been discovered in stb. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is ...

Oracle Linux 8 : libvpx (ELSA-2024-5941)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5941 advisory. 1.7.0-11 - Add patch to fix integer overflows. - Fix compilation by including limits.h - Resolves: RHEL-40650 Tenable has extracted the preceding...

libvpx security update

1.7.0-11 - Add patch to fix integer overflows. - Fix compilation by including limits.h - Resolves: RHEL-40650...

openSUSE: Security Advisory for qemu (SUSE-SU-2024:2977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...

PT-2024-40919 · Cosmwasm · Cosmwasm

Name of the Vulnerable Software and Affected Versions: CosmWasm affected versions not specified Description: A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract, leading to high memory usage, slowdowns, potentially a crash, and can...

SUSE-SU-2024:2977-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 Other fixes: - Fixed qemu build compilation with binutils...

openSUSE Security Advisory (SUSE-SU-2024:1498-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-4b0d95b102)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: pypy-7.3.16-2.fc40

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

Fedora: Security Advisory (FEDORA-2024-c5152808e4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to arbitrary code execution during compilation due to traverse ( CVE-2023-45133 )

Summary Package traverse is used by IBM Cloud Pak for Data. CVE-2023-45133. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the path.evaluateor path.evaluateTruthy. By using a specially crafted...

SUSE-SU-2024:2266-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 bsc1224051: - CVE-2024-4317: Fixed visibility restriction of pgstatsext and pgstatsextexprs entries to the table owner bsc1224038. Bug fixes: - Fix incompatibility with LLVM 18. - Prepare for PostgreSQL 17...