1576 matches found
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6951-1)
"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Important: python-werkzeug
Issue Overview: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain...
Amazon Linux 2023 : python3-werkzeug (ALAS2023-2024-662)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-662 advisory. Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This...
How to Enable Special Pool Tagging for a Driver
If the stack of a process is overrun by another process, analysis of the dump is not possible because the crash occurs when the original process writes to the kernel space which is already occupied by the other, misbehaving component. Enabling Special Pool Tagging causes the driver to crash as so...
UBUNTU-CVE-2024-39480
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...
CBL Mariner 2.0 Security Update: python-werkzeug (CVE-2024-34069)
The version of python-werkzeug installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34069 advisory. - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of...
Updated python-werkzeug packages fix security vulnerability
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, an...
MGASA-2024-0234 Updated python-werkzeug packages fix security vulnerability
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, an...
Google Introduces Project Naptime for AI-Powered Vulnerability Research
Google has developed a new framework called Project Naptime that it says enables a large language model LLM to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target...
SUSE SLED15 / SLES15 Security Update : python-Werkzeug (SUSE-SU-2024:1624-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1624-2 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain...
SUSE SLED15 / SLES15 Security Update : python-Werkzeug (SUSE-SU-2024:1591-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1591-2 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain...
CVE-2024-36699
A flaw was found in GNU Debugger in versions 8.2 through 14.2. This issue contains a buffer overflow via the gdb.selectedinferior.readmemory component at utils.c...
CVE-2024-36699
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2024-36699
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
Exploit for OS Command Injection in Php
CVE-2024-4577 Analysis Above is my analysis...
Number withdrawn
GNU gdb is a GNU project debugger from the American GNU community. It supports debugging C, C++, Pascal, and FORTRAN programming languages. This CVE number has been withdrawn...
CVE-2024-36699
The connected records indicate a vulnerability in GNU Debugger (GDB) affecting versions 8.2 through 14.2, caused by a buffer overflow in gdb.selected_inferior().read_memory within utils.c. Red Hat notes a buffer overflow in this component; SUSE and OSV references reinforce the issue as CVE-2024-3...
Fedora: Security Advisory for rust-btrd (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-desed (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger's protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...