5458 matches found
CVE-2024-4985
An authentication bypass vulnerability was present in the GitHub Enterprise Server GHES when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with...
CVE-2024-4985
An authentication bypass vulnerability was present in the GitHub Enterprise Server GHES when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with...
CVE-2024-4985
The CVE-2024-4985 issue affects GitHub Enterprise Server (GHES) where SAML SSO with optional encrypted assertions can be abused to forge a SAML response, enabling provisioning or access to a site administrator account without prior authentication. The vulnerability impacts all GHES versions prior...
PT-2024-5050 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.13.0 GitHub Enterprise Server version 3.9.15 GitHub Enterprise Server version 3.10.12 GitHub Enterprise Server version 3.11.10 GitHub Enterprise Server version 3.12.4 Description: An authentication...
CVE-2023-52682
A vulnerability was found in the Linux kernel's Flash-Friendly File System F2FS implementation. This issue arises from a failure to wait for block writeback in the post-read case, which could lead to data corruption or inconsistencies. Mitigation Mitigation for this issue is either not available ...
CVE-2024-35791
A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine subsystem KVM, specifically affecting the Secure Virtual Machine SVM feature used on AMD processors. The issue arises from a use-after-free condition in the svmregisterencregion function, which can lead to...
CVE-2023-52682
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
CVE-2023-52682
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
UBUNTU-CVE-2023-52682
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
CVE-2023-52682 f2fs: fix to wait on block writeback for post_read case
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
CVE-2023-52682 f2fs: fix to wait on block writeback for post_read case
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
CVE-2023-52682
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...
CVE-2024-35791
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock to fix use-after-free issues where region and/or its array of pages...
DEBIAN-CVE-2024-35791
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock to fix use-after-free issues where region and/or its array of pages...
CVE-2024-35791
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock to fix use-after-free issues where region and/or its array of pages...
UBUNTU-CVE-2024-35791
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock to fix use-after-free issues where region and/or its array of pages...
Decryption Failure
illuminate/encryption is vulnerable to a Decryption Failure. The vulnerability is due to improper handling of encrypted payloads in the Laravel Encrypter component, allowing attackers to craft an encrypted payload, which upon decryption returns false, possibly resulting in unintended behavior in ...
The vulnerability of the Brocade SANnav network management software lies in the use of strictly encrypted user credentials, which allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Brocade SANnav network management software is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
DEBIAN-CVE-2024-25743
In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES...
UBUNTU-CVE-2024-25743
In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES...