280 matches found

UbuntuCve
added 2024/04/28 1:15 p.m., 35 views

CVE-2022-48662

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove the...

CVSS 7.8, AI score 6.2, EPSS 0.00017
Exploits: 0, References: 5

CVE
added 2024/04/28 1:1 p.m., 118 views

CVE-2022-48662

CVE-2022-48662 affects the Linux kernel i915 driver (i915_gem_context.link protection). The issue arises when removing a context from the gem.contexts list during context_close(), which can poison link.next while i915_perf holds a reference, leading to a general protection fault during i915_perf_...

CVSS 7.8, AI score 6.4, EPSS 0.00017
Exploits: 0, References: 3, Affected Software: 1

Debian CVE
added 2024/04/28 1:1 p.m., 27 views

CVE-2022-48662

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove the...

CVSS 7.8, AI score 7.2, EPSS 0.00017
Exploits: 0

NVD
added 2024/04/21 6:15 p.m., 15 views

CVE-2024-29733

Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() during FTP_TLS...

CVSS 2.7, AI score 6.5, EPSS 0.00107
Exploits: 0, References: 5

Vulnrichment
added 2024/04/21 5:21 p.m., 12 views

CVE-2024-29733 Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context

Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() during FTP_TLS...

AI score 6.8, EPSS 0.00107
Exploits: 0, References: 5

RedhatCVE
added 2024/04/03 11:7 p.m., 25 views

CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64_stats_sync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

CVSS 4.4, AI score 7, EPSS 0.001
Exploits: 0, References: 4

Cvelist
added 2024/04/03 2:54 p.m., 23 views

CVE-2024-26688 fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig syscall, there is a possible NULL dereference in hugetlbfs_fill_super caused by assigning NULL to ctx->hstate in...

AI score 7.4, EPSS 0.00021
Exploits: 0, References: 7

Prion
added 2024/03/06 5:15 p.m., 19 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco AppDynamics Controller could allow an authenticated, remote attacker to perform a reflected cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of...

CVSS 4.9, AI score 6.2, EPSS 0.00104
Exploits: 0, References: 1

Debian CVE
added 2024/02/27 6:40 p.m., 22 views

CVE-2021-46942

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix shared sqpoll cancellation hangs 736.982891 INFO: task iou-sqp-4294:4295 blocked for more than 122 seconds. 736.982897 Call Trace: 736.982901 schedule+0x68/0xe0 736.982903 io_uring_cancel_sqpoll+0xdb/0x110 736.982908...

CVSS 5.5, AI score 5.3, EPSS 0.00017
Exploits: 0

Zero Day Initiative
added 2024/02/06 12:0 a.m., 28 views

(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the Authorization header provided to the...

CVSS 8.8, AI score 7.5, EPSS 0.00363
Exploits: 0, References: 1

Zero Day Initiative
added 2024/02/06 12:0 a.m., 29 views

(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the Authorization header provided to the...

CVSS 8.8, AI score 7.5, EPSS 0.00363
Exploits: 0, References: 1

Packet Storm
added 2024/02/02 12:0 a.m., 181 views

GoAhead Web Server 2.5 HTML Injection

Exploit Title: GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities Date: 25/9/2023 Exploit Author: Syed Affan Ahmed ZEROXINN Vendor Homepage: https://www.embedthis.com/goahead/ Affected Version: 2.5 may be others. Tested On Version: 2.5 in ZTE AC3630...

AI score 7.4
Exploits: 0

The Hacker News
added 2024/01/05 10:3 a.m., 56 views

Exposed Secrets are Everywhere. Here's How to Tackle Them

Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences. This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secr...

AI score 7
Exploits: 0

Code423n4
added 2023/12/21 12:0 a.m., 10 views

wrong implementation of maxHeap.extractMax();

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. wrong implementation of maxHeap.extractMax(); as it should return values but here it's not assigned to anything. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, log...

AI score 7.2
Exploits: 0

Zero Day Initiative
added 2023/12/20 12:0 a.m., 25 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVSS 5.5, AI score 6.2, EPSS 0.00112
Exploits: 0

OSV
added 2023/11/29 2:15 p.m., 19 views

CVE-2023-49653

Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

CVSS 6.5, AI score 6.4
Exploits: 0, References: 2

Rapid7 Blog
added 2023/11/28 4:55 p.m., 11 views

Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing

Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...

AI score 6.6
Exploits: 0

Code423n4
added 2023/10/25 12:0 a.m., 9 views

ODProxy is flawed due to delegatecall to ODSafeManager which render system inoperable

Lines of code Vulnerability details Impact The vulnerability arises from the use of delegatecall to interact with the ODSafeManager contract, which is designed to store the context of the safe manager. However, the data inside ODSafeManager is never properly updated when ODProxy uses delegatecall...

AI score 7
Exploits: 0

Debian CVE
added 2023/09/30 8:30 a.m., 17 views

CVE-2023-5207

Removed by vendor...

CVSS 8.8, AI score 7.3, EPSS 0.00331
Exploits: 0

Zero Day Initiative
added 2023/09/12 12:0 a.m., 30 views

Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

CVSS 7.8, AI score 6.8, EPSS 0.01947
Exploits: 0, References: 1