4441 matches found
AZL-68108 CVE-2024-38620 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Remove HCI_AMP support Since BT_HS has been removed, HCI_AMP controllers no longer have any use so remove it along with the capability of creating AMP controllers. Since we no longer need to differentiate between AMP an...
CVE-2024-37676
CVE-2024-37676 affects the open-source tool htop-dev htop v2.20. The vulnerability is an out-of-bounds access in the function Header_populateFromSettings, allowing a local attacker to exploit it (attack vector: LOCAL). The provided documents consistently identify the impact as local confidential...
CVE-2024-37676
An issue in htop-dev htop v.2.20 allows a local attacker to cause an out-of-bounds access in the Header_populateFromSettings function...
WordPress Defender Security Plugin <= 3.3.2 is vulnerable to Broken Authentication
Software: Defender Security; Type: Plugin; Vulnerable versions: <= 3.3.2; Fixed in: 3.3.3; OWASP Top 10: A2: Broken Authentication; Classification: Broken Authentication; CVE: CVE-2022-44581; Patch priority: Low; CVSS severity: Low (5.3); Developer: WPMU DEV; PSID: e5d5684810f0; Credits: Snicco; Required privilege...
CVE-2021-47588
In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free from sit_init_net ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice if something goes wrong. Alternative would be to make ipip6_dev_free robust against multiple invocations, but...
DEBIAN-CVE-2021-47588
In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free from sit_init_net ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice if something goes wrong. Alternative would be to make ipip6_dev_free robust against multiple invocations, but...
UBUNTU-CVE-2021-47599
In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs] CPU: 2 PID: 1 Comm: systemd Tainted: G W O...
CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
PT-2024-37356 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master Description: A problematic issue was found, affecting the swf_svg_add_iso_sample function of the src/filters/load_text.c file in the MP4Box component. This issue leads to a null pointer dereferenc...
GPAC Code Issue Vulnerability
GPAC is an open source multimedia framework. A code issue vulnerability exists in GPAC version 2.5-DEV-rev228-g11067ea92-master, which stems from a mishandling of a related function that results in a null pointer dereference...
Debian dla-3829 : libmilter-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3829 advisory. Debian LTS Advisory DLA-3829-2 [email protected] https://www.debian.org/lts/security/...
CVE-2024-36966
A flaw was found in the Linux kernel. A race condition can cause an attempted free on a corrupt pointer, leading to a module failure...
webpack-dev-middleware: lack of URL validation may lead to file leak
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling...
Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update
Migration Toolkit for Runtimes 1.2.6 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
kernel: net: bridge: data-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC syzbot/KCSAN reported data-races in br_handle_frame_finish [1] This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEV_STATS_INC to update dev->stats fields. Handles updates to...
CVE-2024-32792
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance. This issue affects Hummingbird: from n/a through <= 3.7.3...
CVE-2024-32792
Missing Authorization vulnerability in WPMU DEV Hummingbird. This issue affects Hummingbird: from n/a through 3.7.3...
CVE-2024-32792
CVE-2024-32792: Missing Authorization in WordPress WPMU DEV Hummingbird plugin (
PT-2024-24865 · Wpmu Dev · Wpmu Dev Hummingbird
Name of the Vulnerable Software and Affected Versions: WPMU DEV Hummingbird versions 3.7.3 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPMU DEV Hummingbird. Recommendations: For WPMU DEV Hummingbird versions 3.7.3 and earlier, update to a version late...