
1613 matches found

Prion
added 2024/02/23 3:15 p.m., 14 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock. When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TXEN pin. When the TTY port is closed in the middle of a...

AI score 7.4, EPSS 0.00175
Exploits 0, References 6
OSV
added 2024/02/23 3:15 p.m., 2 views

UBUNTU-CVE-2023-52456

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock. When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TXEN pin. When the TTY port is closed in the middle of a...

CVSS 5.5, AI score 6.2, EPSS 0.00175
Exploits 0, References 19
OSV
added 2024/02/23 2:46 p.m., 3 views

CVE-2023-52456 serial: imx: fix tx statemachine deadlock

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock. When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TXEN pin. When the TTY port is closed in the middle of a...

CVSS 5.5, AI score 5.9, EPSS 0.00175
Exploits 0, References 10
CNNVD
added 2024/02/23 12:0 a.m., 3 views

SourceCodester Complete File Management System SQL Injection Vulnerability

Complete File Management System is a file management system by nelzkie15 Personal Developer. A SQL injection vulnerability exists in SourceCodester Complete File Management System version 1.0, which originates from a SQL injection vulnerability in the file /admin/ of the component admin Login For...

CVSS 9.8, AI score 8, EPSS 0.00881
Exploits 1, References 2
Tenable Nessus
added 2024/02/22 12:0 a.m., 81 views

Oracle Linux 8 : mysql:8.0 (ELSA-2024-0894)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0894 advisory. mecab mecab-ipadic mysql 8.0.36-1 - Update to MySQL 8.0.36 8.0.35-2 - Fix int-conversion type error in memcached 8.0.35-1 - Update to MySQL 8.0.35 -...

CVSS 7.5, AI score 6.2, EPSS 0.01782
Exploits 0, References 76
OSV
added 2024/02/21 3:15 p.m., 3 views

DEBIAN-CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close. Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

CVSS 4.7, AI score 5.4, EPSS 0.0019
Exploits 0, References 1
OSV
added 2024/02/21 3:15 p.m., 2 views

AZL-35787 CVE-2024-26585 affecting package kernel for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close. Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

CVSS 4.7, AI score 6.2, EPSS 0.0019
Exploits 0, References 1
NVD
added 2024/02/21 3:15 p.m., 21 views

CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close. Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

CVSS 4.7, AI score 5.8, EPSS 0.0019
Exploits 0, References 6
UbuntuCve
added 2024/02/21 3:15 p.m., 33 views

CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close. Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

CVSS 4.7, AI score 6.3, EPSS 0.0019
Exploits 0, References 25
The Hacker News
added 2024/02/08 10:39 a.m., 27 views

Unified Identity – look for the meaning behind the hype!

If you've listened to software vendors in the identity space lately, you will have noticed that "unified" has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! However there is always a however, right?...

AI score 7.3
Exploits 0
Veracode
added 2024/02/06 9:29 a.m., 19 views

HTML Injection

Sulu is vulnerable to HTML Injection. The vulnerability is due to improper HTML sanitization within the Tag name. The HTML is executed when the tag name is listed in the auto complete form...

CVSS 4.8, AI score 6.6, EPSS 0.00518
Exploits 0, References 4, Affected Software 1
OSV
added 2024/02/05 8:9 p.m., 30 views

CVE-2024-24807 Sulu is vulnerable to HTML Injection via Autocomplete Suggestion

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

CVSS 2.7, AI score 4.9, EPSS 0.00518
Exploits 0, References 5
Tenable Nessus
added 2024/01/31 12:0 a.m., 59 views

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : runC vulnerability (USN-6619-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6619-1 advisory. Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could...

CVSS 8.6, AI score 7, EPSS 0.16775
Exploits 18, References 2
Veracode
added 2024/01/30 7:15 p.m., 35 views

Out-of-bounds Write

openssl:edge is vulnerable to Out-of-bounds Write. The vulnerability arises because the application state might be corrupted, with various application-dependent consequences, when returning to the caller. It allows an attacker to get complete control of the application process, which leads to denial of...

CVSS 6.5, AI score 7, EPSS 0.02323
Exploits 0, References 13, Affected Software 1
OSSF Malicious Packages
added 2024/01/24 8:23 p.m., 3 views

Malicious code in wlwz-2312-2405 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a133fd8ec2d91859ac58de1e8195ef0997c23ef1eeb6cf885a1c5416a153b793 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0, References 1
OSV
added 2024/01/24 8:23 p.m., 6 views

MAL-2024-392 Malicious code in wlwz-2312-2406 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68e160a6dd6d6ff375eaf51af8afdc05d16877d99bdf8df7bc4aa09368be629a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0, References 1
OSV
added 2024/01/24 8:23 p.m., 6 views

MAL-2024-327 Malicious code in wlwz-2312-1704 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2fe0cae4b95307e4dc15eaac3c7d6f896e90f40999f1c072920662ccc042001b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0, References 1
OSV
added 2024/01/24 8:23 p.m., 8 views

MAL-2024-215 Malicious code in wlwz-2312-0500 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6380234862769c4f33b2aee442495077d0850b25dd574794044672f901a2e3e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0, References 1
OSV
added 2024/01/24 8:23 p.m., 8 views

MAL-2024-638 Malicious code in wlwz-2312-5200 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1aa0da4d15422aa4bd5114985f643d931d8d89ae24a789070a00b3c6f5af31ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0, References 1
UbuntuCve
added 2024/01/23 12:0 a.m., 438 views

CVE-2023-40547

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

CVSS 8.3, AI score 7.5, EPSS 0.04892
Exploits 0, References 2