208 matches found
UBUNTU-CVE-2024-38829
A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...
GHSA-Q3V6-HM2V-PW99 Spring Framework has Authorization Bypass for Case Sensitive Comparisons
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...
Ubuntu: Security Advisory (USN-7127-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Spring LDAP Spring LDAP sensitive data exposure for case-sensitive comparisons
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in unintended columns from being queried Related to CVE-2024-38820...
Spring Security Authorization Bypass for Case Sensitive Comparisons
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly. Related to CVE-2024-38820...
[SECURITY] Fedora 40 Update: ghostscript-10.02.1-13.fc40
This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...
WordPress plugin Slickstream: Engagement and Conversions 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
DEBIAN-CVE-2024-50194
In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in-memory instruction encoding which is always little-endian into the kernel's native endianness...
SUSE CVE-2024-42156
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...
BIT-TENSORFLOW-2020-5215 Segmentation faultin TensorFlow when converting a Python string to tf.float16
In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...
AlmaLinux 8 : firefox (ALSA-2024:0955)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0955 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Thi...
AlmaLinux 9 : firefox (ALSA-2024:0952)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0952 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Thi...
Oracle Linux 9 : thunderbird (ELSA-2024-0963)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0963 advisory. 115.8.0-1.0.1 - Add Oracle modifications 115.8.0-1 - Update to 115.8.0 build1 Tenable has extracted the preceding description block directly from the...
Oracle Linux 8 : firefox (ELSA-2024-0955)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0955 advisory. 115.8.0-1.0.1 - Update to 115.8.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...
Mozilla: Incorrect code generation on 32-bit ARM devices
The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...