CVE-2024-33307

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "Last Name" parameter in Create User...

DEBIAN-CVE-2024-26986

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in createprocess failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset is in progress...

DEBIAN-CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

CVE-2024-26940

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttmresourcemanager entry only if needed The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to read from...

UBUNTU-CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

UBUNTU-CVE-2024-26986

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in createprocess failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset is in progress...

CVE-2024-33306

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "First Name" parameter in Create User...

PT-2024-25197 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Laboratory Management System version 1.0 Description: The issue is related to Cross Site Scripting XSS via the Last Name parameter in the Create User function. This allows for potential malicious script injection...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which results in a memory leak when createprocess fails...

CVE-2024-33307

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "Last Name" parameter in Create User...

CVE-2024-33307

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "Last Name" parameter in Create User...

CVE-2024-33306

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "First Name" parameter in Create User...

PT-2024-25196 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Laboratory Management System version 1.0 Description: The issue is related to Cross Site Scripting XSS via the First Name parameter in the Create User function. This allows for potential malicious script injection...

CVE-2024-23772

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges...

kernel: net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5efsttredirectanycreate The memory pointed to by the fs-any pointer is not freed in the error path of mlx5efsttredirectanycreate, which can lead to a memory leak. Fix by freeing the memory in the...

kernel: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveauconnectorcreate We can't simply free the connector after calling drmconnectorinit on it. We need to clean up the drm side first. It might not fix all regressions fr...

kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()

A race condition was found in the QXL driver in the Linux kernel. The qxlmodedumbcreate function dereferences the qobj returned by the qxlgemobjectcreatewithhandle, but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...

SUSE CVE-2022-48659

In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc fails In createuniqueid, kmalloc, GFPKERNEL can fail due to out-of-memory, if it fails, return errno correctly rather than triggering panic via BUGON; kernel BUG at mm/slub.c:5893! Internal...

CVE-2024-23772

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges...

CVE-2024-23772

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges...