CVE-2024-39536 Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...

Siemens SIMATIC STEP 7 (TIA Portal) Deserialization Vulnerability

SIMATIC PCS neo is a distributed control system DCS. simatic STEP 7 TIA Portal is an engineering software for configuring and programming simatic controllers. totally Integrated Automation Portal TIA Portal is a PC software that offers the complete range of Siemens digital automation services, fr...

CVE-2024-38061

DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability...

CVE-2024-38049

Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability...

CVE-2024-38049

Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability...

CVE-2024-38049 Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

...

CVE-2024-38049

Technical details (affected components, exploit vectors, or patch specifics) for CVE-2024-38049 are not provided in the connected documents. No public details are present in the supplied sources; monitor for updates.

Important: Red Hat Security Advisory: booth security update

An update for booth is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

...

Microsoft Windows Security Vulnerabilities

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Distributed Transaction Coordinator. An attacker could exploit the vulnerability to remotely execute code. The following products and...

RHEL 9 : git (RHSA-2024:4368)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4368 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

git security update

An update is available for git. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git is a distributed revision control system with a decentralized architecture. A...

CVE-2024-38525

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

CVE-2024-38525

CVE-2024-38525 affects dd-trace-cpp (Datadog tracing for C++). The root cause is that when trying to extract trace context from malformed unicode, the code logs audited headers/values using the nlohmann JSON library and triggers an uncaught exception, causing a crash. The vulnerability has been p...

Remote Code Execution (RCE)

torch is vulnerable to Remote Code Execution RCE. The vulnerability is caused by a lack of restriction on function calls when a worker node sends a PythonUDF to the master node, which then executes the function without proper validation within the torch.distributed.rpc framework. This allows...

CVE-2024-5480

A vulnerability in PyTorch's torch.distributed.rpc framework, specifically in versions prior to 2.2.2, allows for remote code execution RCE. The framework, which is used in distributed training scenarios, does not properly verify the functions being called during RPC Remote Procedure Call...

Important: Red Hat Security Advisory: Red Hat Service Interconnect 1.4.5 Release security update

This is release 1.4 of the container images for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or...

Important: Red Hat Security Advisory: Red Hat Service Interconnect 1.4.5 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allo...

USN-6819-4: Linux kernel (Oracle) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...