6046 matches found
AZL-53007 CVE-2024-50243 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...
AZL-53100 CVE-2024-50243 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...
DEBIAN-CVE-2024-50243
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...
UBUNTU-CVE-2024-50243
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...
ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()
...
CVE-2024-50186
In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...
CVE-2024-50186 net: explicitly clear the sk pointer, when pf->create fails
In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...
CVE-2024-50186
CVE-2024-50186 : Linux kernel vulnerability in net: explicitly clear the sk pointer when pf->create fails. Root cause: some pf->create implementations do not NULL the freed sk object in error paths, leaving a dangling pointer and enabling Use-After-Free. Fix: explicitly NULL the sk pointer ...
CVE-2024-50186 net: explicitly clear the sk pointer, when pf->create fails
In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...
The vulnerability of the `ff_v4l2_m2m_create_context` function in the `v4l2_m2m.c` component of the FFmpeg multimedia library occurs due to improper memory release before deleting the last reference. This allows a malicious actor to trigger a service failure.
The vulnerability of the ffv4l2m2mcreatecontext function in the v4l2m2m.c component of the FFmpeg multimedia library is related to improper memory release before deleting the last pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
Devtron SQL注入漏洞
Devtron is a Kubernetes cloud-native tool integration platform open-sourced by Devtron. A SQL injection vulnerability exists in Devtron prior to version 0.7.2, which stems from an authenticated user being able to execute malicious SQL queries via the CreateUser interface...
GHSA-HV6M-QJ65-26Q3 UnoPim Cross-site Scripting vulnerability
UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies...
UnoPim Cross-site Scripting vulnerability
UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies...
CVE-2024-50637
UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies...
Open Redirect
Overview symfony/http-foundation is a component defines an object-oriented layer for the HTTP specification. Affected versions of this package are vulnerable to Open Redirect in the Request::create function, which improperly handles special characters in a URI. Remediation Upgrade...
SUSE CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
UnoPim 安全漏洞
UnoPim is an open source Product Information Management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim 0.1.3 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the Create User function that allows an...
The vulnerability of the xe_device_create() function in the Intel Xe kernel driver for Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xedevicecreate function in the drivers/gpu/drm/xe/xedevice.c file of the Intel Xe driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the ltdc_plane_create() function in the Linux operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ltdcplanecreate function in the drivers/gpu/drm/stm/ltdc.c file of the Linux kernel is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protecte...
PT-2024-34372 · Unopim · Unopim
Name of the Vulnerable Software and Affected Versions: UnoPim versions 0.1.3 and below Description: The issue is related to Cross Site Scripting XSS in the Create User function, allowing attackers to perform XSS via an SVG document. This can be used to steal cookies. The vulnerability is exploite...