CVE-2022-48790

In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queuerq, in .submitasyncevent drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condition that was observed...

CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui

A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...

CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui

A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...

CVE-2024-4839

CVE-2024-4839 affects parisneo/lollms-webui, versions 9.6 through the latest. The vulnerability is a CSRF flaw in the 'Servers Configurations' function that guards several components (Elastic search Service, XTTS service, Petals service, vLLM service, Motion Ctrl service). The root cause is lack ...

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

CVE-2024-35942 pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

CVE-2024-35942

CVE-2024-35942 relates to the Linux kernel and affects the imx8mp block clock handling. The issue occurs when the fdcc clock, intended for the HDMI RX domain, is added to the hdmimix domain while HDMI TX/LCDIF probe sequencing can disable it. If the clock is disabled before HDMI/LCDIF probe, LCDI...

@audius/fetch-nft (>=0.1.8-beta.1 <=0.2.6), @audius/sdk (>=3.0.8-beta.13 <=4.2.0) +52 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.78.0 <=1.78.7)

@solana/web3.js NPM version =1.78.0, =0.1.8-beta.1, =3.0.8-beta.13, =0.0.10, =2.20.1-beta.306, =14.2.1-beta.306, =2.2.3-alpha.61, =1.0.1-rc.0, =2.21.0, =2.6.0, =0.0.5-beta.0, =1.1.0, =1.1.11 - @ctrl-tech/chains-controller =2.0.5 - @ctrl-tech/chains-solana =2.0.18 and more Source cves:...

DEBIAN-CVE-2024-26846

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

The vulnerability of the hid_submit_ctrl function in the USB HID driver of the Linux operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the hidsubmitctrl function in the USB HID driver of the Linux operating system is related to the disclosure of information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

DEBIAN-CVE-2021-47075

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak in nvmetallocctrl When creating ctrl in nvmetallocctrl, if the cntlidmin is larger than cntlidmax of the subsystem, and jumps to the "outfreechangednslist" label, but the ctrl-sqs lack of be freed. Fix this...

CWA 2203 CU5 | ALT key remains activated after CTRL + ALT + DEL

Using CTRL+ALT+DEL results in the ALT key remaining activated. Following inputs will either open menus or add "Alt" in front of the pressed letter/key...

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

Code injection

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

CVE-2023-51748

ScaleFusion 10.5.2 is affected by a kiosk-mode security issue where Ctrl-O and Ctrl-S can bypass the Edge application restriction, potentially exposing the isolated environment. Root cause: insufficient access control in Scalefusion MDM Agent allowing users to access the file explorer. The issue ...

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

CVE-2023-7147

CVE-2023-7147 affects gopeak MasterLab up to 3.3.10. The vulnerability is in the function base64ImageContent in app/ctrl/User.php; manipulation of the image argument allows unrestricted file upload and can be triggered remotely. No exploit details are provided in the documents. Remediation/status...

Sven gopeak masterlab code issue vulnerability

Sven gopeak masterlab is a Sven open source application. Provides simple and efficient , agile development based project management tools . Sven gopeak masterlab version 3.3.10 and earlier versions of the code problematic vulnerability , the vulnerability stems from app/ctrl/admin/User.php...