CVE-2024-6446 Business Logic Errors in GitLab
An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an attacker controlled application...
Adobe Acrobat < 2015.006.30456 / 2017.011.30105 / 2019.008.20071 Multiple Vulnerabilities (APSB18-30) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30456, 2017.011.30105, or 2019.008.20071. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and...
Adobe Reader < 2015.006.30456 / 2017.011.30105 / 2019.008.20071 Multiple Vulnerabilities (APSB18-30) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30456, 2017.011.30105, or 2019.008.20071. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and...
Adobe Reader < 2015.006.30461 / 2017.011.30110 / 2019.010.20064 Multiple Vulnerabilities (APSB18-41) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30461, 2017.011.30110, or 2019.010.20064. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2008...
Adobe Reader < 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Multiple Vulnerabilities (APSB19-07) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30475, 2017.011.30120, or 2019.010.20091. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.3011...
Adobe Acrobat < 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Multiple Vulnerabilities (APSB19-07) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30475, 2017.011.30120, or 2019.010.20091. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.301...
DRUPAL-CONTRIB-2024-039
This module provides Drupal with various security-hardening options, for example by emitting various configurable HTTP response headers. The module doesn't sufficiently validate input in Content Security Policy (CSP) violation reports. This can cause errors when a logging module e.g. dblog or syslo...
AZL-49132 CVE-2024-8096 affecting package mysql for versions less than 8.0.36-1
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...
PT-2024-6256 · Microsoft · Windows Remote Desktop Licensing Service +1
Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Licensing Service affected versions not specified Description: The issue is related to synchronization errors in the Windows Remote Desktop Licensing Service, specifically a "race condition" scenario. This can be...
PT-2024-7324 · Intel · Intel Uefi Firmware
Name of the Vulnerable Software and Affected Versions: Intel UEFI Firmware affected versions not specified Description: The issue is related to improper input validation in UEFI firmware for some Intel processors, which may allow a privileged user to enable information disclosure or denial of...
PT-2024-7299 · Intel · Intel Uefi Firmware
Name of the Vulnerable Software and Affected Versions: Intel UEFI firmware affected versions not specified Description: A race condition in the UEFI firmware for some Intel processors may allow a privileged user to potentially enable escalation of privilege via local access. This issue is caused ...
ROS-20240906-02
Vulnerability of the kmem_cache_destroy function of the lib/list_debug.c library of the Linux kernel is related to a buffer overrun, an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240906-01
Vulnerability of the ip6_tnl_rcv function in the net/ipv6/ip6_tunnel.c module of the Linux kernel IPv6 protocol implementation is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...
The vulnerability of the PDF file analysis component in the ClamAV antivirus program allows a hacker to trigger a service failure.
The vulnerability of the PDF file analysis component in the ClamAV antivirus program is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service failures when the user downloads a specially crafted PDF file for analysis...
SUSE CVE-2024-44961
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will keep submitting hanging command buffers cascadin...
MAL-2024-8826 Malicious code in sigma-errors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3261ce8608a1d5df2dc6eea25790460c5c3acc3ff03c223d4ece32c799bde4e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sigma-errors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3261ce8608a1d5df2dc6eea25790460c5c3acc3ff03c223d4ece32c799bde4e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-44989
In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok in parallel. All callbacks assume real_dev is set. Example trace: kernel: BU...
AZL-49959 CVE-2024-44961 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will keep submitting hanging command buffers cascadin...
CVE-2024-44961 drm/amdgpu: Forward soft recovery errors to userspace
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will keep submitting hanging command buffers cascadin...