4411 matches found
[SECURITY] Fedora 39 Update: python3-docs-3.12.4-1.fc39
The python3-docs package contains documentation on the Python 3 programming language and interpreter...
CGA-XCPJ-777H-M2H4
Bulletin has no description...
RHEL 8 / 9 : OpenShift Container Platform 4.16.1 (RHSA-2024:4159)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4159 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued the permission model is an experimental feature of Node.js.
...
CVE-2024-4994
creationtimestamp| type| source ---|---|--- 2024-06-28 13:05:27+00:00| seen| https://t.me/truesecator/5912 2025-06-20 18:42:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19039 2025-06-20 21:24:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ls2xxpe5x...
The Windows Registry Adventure #3: Learning resources
Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry...
CVE-2024-38526
pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...
CVE-2024-38526 pdoc embeds link to malicious CDN if math mode is enabled
pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...
CVE-2024-38526 pdoc embeds link to malicious CDN if math mode is enabled
pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...
CVE-2024-38526
CVE-2024-38526 affects the pdoc Python library for API documentation. The underlying issue arises from web assets loaded from the polyfill.io CDN, which has been compromised, leading to delivery of malicious JavaScript through the CDN when using pdoc --math. Several connected sources indicate thi...
SUSE CVE-2024-37021
In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
CVE-2024-36479
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
MAL-2024-6657 Malicious code in apress_documentation (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
DEBIAN-CVE-2024-36479
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
CVE-2024-37021
In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
AZL-56303 CVE-2024-37021 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
CVE-2024-36479
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
CVE-2024-35247
In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
AZL-56211 CVE-2024-36479 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
CVE-2024-37021
In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...