CVE-2024-8421

...

SNMP service is enabled by default in Sharp NEC Display Solutions projectors

Overview Multiple projectors provided by Sharp NEC Display Solutions, Ltd. are configured with SNMP service enabled by default, therefore can be accessed by specifying SNMP community name "public" CWE-1242 ,CVE-2024-7011. SNMP service configuration enable/disable cannot be changed on the manageme...

SUSE CVE-2024-46823

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflowallocationtest The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from...

CVE-2024-46823

A flaw was found in the Linux kernel before initialization in subsystem tests. The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope, however, it is being used as a driver name when calling 'kunitdrivercreate' from 'kunitdeviceregister', which can produce a kerne...

CVE-2024-47170 Agnai File Disclosure Vulnerability: JSON via Path Traversal

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-8404 Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

SUSE CVE-2024-46778

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfigurationparamsst's UnboundedRequestEnabled is a pointer i.e. dmlboolt UnboundedRequestEnabled, and thus if p-UnboundedRequestEnabled checks its...

DEBIAN-CVE-2024-46778

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfigurationparamsst's UnboundedRequestEnabled is a pointer i.e. dmlboolt UnboundedRequestEnabled, and thus if p-UnboundedRequestEnabled checks its...

AZL-53247 CVE-2024-46778 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfigurationparamsst's UnboundedRequestEnabled is a pointer i.e. dmlboolt UnboundedRequestEnabled, and thus if p-UnboundedRequestEnabled checks its...

AZL-53358 CVE-2024-46778 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfigurationparamsst's UnboundedRequestEnabled is a pointer i.e. dmlboolt UnboundedRequestEnabled, and thus if p-UnboundedRequestEnabled checks its...

D-Link DIR-X4860 安全漏洞

The D-Link DIR-X4860 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-X4860 that stems from the use of hard-coded credentials, which allows an attacker to force the telnet service to be enabled and log in using hard-coded credentials...

CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

UBUNTU-CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

PT-2024-6865 · D Link · D-Link Covr-X1870 +2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X4860 A1 version 1.00/1.04 D-Link DIR-X5460A1 affected versions not specified D-Link COVR-X1870 affected versions not specified Description: The issue concerns a hidden functionality in certain D-Link wireless routers where the...

CVE-2024-45012

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma non-coherent allocator Currently, enabling SGDEBUG in the kernel will cause nouveau to hit a BUG on startup, when the iommu is enabled: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000...

UBUNTU-CVE-2024-45012

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma non-coherent allocator Currently, enabling SGDEBUG in the kernel will cause nouveau to hit a BUG on startup, when the iommu is enabled: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000...

CVE-2024-7721

The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savepassword' function in all versions up to, and including, 2.5.34. This makes it possible for authenticated attackers, wit...

September 10, 2024—KB5043138 (Monthly Rollup)

September 10, 2024—KB5043138 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...