
368 matches found

Source: Cvelist (added 2024/08/12 11:27 a.m.)

CVE-2024-42164 Disabling MFA without Authentication

Insufficiently random values for generating password reset tokens in FIWARE Keyrock = 8.4 allow attackers to disable two-factor authorization of any user by predicting the token for the disable2fa link...

CVSS 4.3, EPSS 0.00107
Exploits: 1, References: 1
Source: OSV (added 2024/07/30 8:15 a.m.)

UBUNTU-CVE-2024-42127

In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and the interrupts stay...

CVSS 5.5, AI score 6.1, EPSS 0.00016
Exploits: 0, References: 32
Source: Vulnrichment (added 2024/07/30 7:46 a.m.)

CVE-2024-42107 ice: Don't process extts if PTP is disabled

In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled. The ice_ptp_extts_event function can race with ice_ptp_release and result in a NULL pointer dereference which leads to a kernel panic. The panic occurs because the ice_ptp_extts_event function call...

AI score 6.6, EPSS 0.00007
Exploits: 0, References: 2
Source: Cvelist (added 2024/07/19 10:19 a.m.)

CVE-2024-41107 Apache CloudStack: SAML Signature Exclusion

The CloudStack SAML authentication (disabled by default) does not enforce signature checks. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response...

EPSS 0.92003
Exploits: 1, References: 6
Source: CVE (added 2024/07/16 5:37 p.m.)

CVE-2024-39700

CVE-2024-39700 describes a remote code execution in the JupyterLab extension template copier, specifically in the update-integration-tests.yml workflow of the JupyterLab extension template used to bootstrap projects. The RCE is linked to repositories created with the template’s test option. Affec...

CVSS 9.9, AI score 9.7, EPSS 0.03919
Exploits: 3, References: 2, Affected Software: 1
Source: Cvelist (added 2024/06/20 10:13 p.m.)

CVE-2024-37899 Disabling a user account changes its author, allowing RCE from user account in XWiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an admin disables a user account, the user's profile is executed with the admin's rights. This allows a user to place malicious code in the user profile before getting an admin to disable...

CVSS 9, EPSS 0.14126
Exploits: 1, References: 3
Source: CNNVD (added 2024/06/20 12:00 a.m.)

XWiki Platform Code Injection Vulnerability

XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions prior to 14.10.21, 15.5.5, 15.10.6, and 16.0.0, which stems from the fact that disabling a user account changes its author,...

CVSS 9, AI score 7.6, EPSS 0.14126
Exploits: 1, References: 4
Source: NVD (added 2024/05/30 3:15 p.m.)

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution. [Why] Workaround for a race condition where DMCUB is in the process of committing to IPS1 during the handshake, causing us to miss the transition into IPS2 and...

CVSS 4.7, AI score 6.4, EPSS 0.00022
Exploits: 0, References: 2
Source: Vulnrichment (added 2024/05/25 2:50 a.m.)

CVE-2024-4858 Testimonial Carousel For Elementor <= 10.2.0 - Missing Authorization to Limited Setting Update

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to updat...

CVSS 5.3, AI score 6.7, EPSS 0.00195
Exploits: 0, References: 3
Source: RedhatCVE (added 2024/05/19 5:12 p.m.)

CVE-2024-35927

In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling. In drm_kms_helper_poll_disable, check if output polling support is initialized before disabling polling. If not, flag this as a warning. Additionally, in drm_mode_config_helper_suspend...

CVSS 5.5, AI score 6.4, EPSS 0.00008
Exploits: 0, References: 4
Source: RedhatCVE (added 2024/05/18 1:04 a.m.)

CVE-2024-35799

A vulnerability was found in the AMD display driver in the Linux kernel. This issue occurs when disabling display streams, leading to a crash. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...

CVSS 5.5, AI score 7, EPSS 0.00011
Exploits: 0, References: 4
Source: Palo Alto Networks (added 2024/05/16 4:00 p.m.)

Impact of TunnelVision Vulnerability

The Palo Alto Networks Product Security Assurance team has evaluated the TunnelVision vulnerability as it relates to our products. This issue allows an attacker with the ability to send DHCP messages on the same local area network, such as a rogue Wi-Fi network, to leak traffic outside of the...

CVSS 7.6, AI score 7, EPSS 0.02912
Exploits: 1, References: 1
Source: OSV (added 2024/05/15 9:31 p.m.)

GHSA-PQJM-XCP8-WGMM Ez Platform and Legacy are prone to an insecure interpretation of PHP/PHAR uploads

eZ Platform and Legacy are affected by an issue related to how uploaded PHP and PHAR files are handled. It consists of two parts: 1. Web server configuration, and 2. Disabling the PHAR stream wrapper. 1. WEB SERVER CONFIGURATION: The sample web server configuration in our documentation can in...

AI score 7.5
Exploits: 0, References: 6
Source: NVD (added 2024/04/28 1:15 p.m.)

CVE-2022-48644

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled. In an incredibly strange API design decision, qdisc->destroy gets called even if qdisc->init never succeeded, not exclusively since commit 87b60cfacf9f "net/sched:...

CVSS 5.5, AI score 7.2, EPSS 0.00011
Exploits: 0, References: 5
Source: UbuntuCve (added 2024/04/23 9:15 p.m.)

CVE-2024-32875

Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images are not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...

CVSS 6.1, AI score 6.3, EPSS 0.00211
Exploits: 0, References: 4
Source: RedhatCVE (added 2024/04/17 5:30 p.m.)

CVE-2024-26841

A flaw was found in the Linux kernel. This vulnerability specifically affects LoongArch processors. The issue is related to the CPU sibling map, which is not correctly updated when non-boot CPUs are disabled. This issue could lead to errors on Symmetric Multi-Threading (SMT) systems, such as...

AI score 5.8, EPSS 0.00018
Exploits: 0, References: 3
Source: Vulnrichment (added 2024/04/17 10:10 a.m.)

CVE-2024-26841 LoongArch: Update cpu_sibling_map when disabling nonboot CPUs

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs. Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map, otherwise we get such errors on SMT systems: jump label: negative count!...

AI score 6.9, EPSS 0.00018
Exploits: 0, References: 3
Source: CVE (added 2024/04/17 10:10 a.m.)

CVE-2024-26841

Exposed CVE-2024-26841 affecting LoongArch Linux kernels: when disabling nonboot CPUs, cpu_sibling_map is not updated, risking negative jump-label counts on SMT systems. A fix defines and calls clear_cpu_sibling_map() to refresh the mapping, mitigating a potential kernel instability (jump_label w...

CVSS 5.5, AI score 6.6, EPSS 0.00018
Exploits: 0, References: 3, Affected Software: 1
Source: Positive Technologies (added 2024/04/17 12:00 a.m.)

PT-2024-3219 · Tenda · Tenda W15E

Name of the Vulnerable Software and Affected Versions: Tenda W15E version 15.11.0.14. Description: A critical issue has been found in the function formSetPortMapping of the file /goform/SetPortMapping. The manipulation of the arguments portMappingServer, portMappingProtocol, portMappingWan,...

CVSS 9, AI score 8.9, EPSS 0.00136
Exploits: 1, References: 10
Source: NVD (added 2024/04/16 12:15 a.m.)

CVE-2024-1646

parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized...

CVSS 8.2, AI score 8.3, EPSS 0.00067
Exploits: 1, References: 2