11195 matches found
Microsoft Edge browser’s vulnerability, related to errors in data type mixing, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Edge is related to type conversion errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
gitoxide security vulnerability
gitoxide is a git implementation written in Rust by the individual developer Sebastian Thiel. A security vulnerability exists in gitoxide that originated from not eliminating line breaks, backspaces, or control characters that appear in repository paths, author and committer names, commit message...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2282)
The remote host is missing an update for the Huawei EulerOS...
GO-2022-0502 Weave GitOps leaked cluster credentials into logs on connection errors in github.com/weaveworks/weave-gitops
Weave GitOps leaked cluster credentials into logs on connection errors in github.com/weaveworks/weave-gitops...
UBUNTU-CVE-2024-7885
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...
CVE-2024-7885
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
PT-2024-7392
Name of the Vulnerable Software and Affected Versions: Webmin Usermin version 2.100 Description: A discrepancy in error messages for invalid login attempts in Webmin Usermin allows attackers to enumerate valid user accounts. This issue is related to shortcomings in the error reporting mechanism,...
GO-2023-1658 Answer vulnerable to Business Logic Errors in github.com/answerdev/answer
Answer vulnerable to Business Logic Errors in github.com/answerdev/answer...
GO-2023-1660 Answer vulnerable to Business Logic Errors in github.com/answerdev/answer
Answer vulnerable to Business Logic Errors in github.com/answerdev/answer...
ROS-20240820-02
A vulnerability in the cert_store_stats and get_ca_certs functions of the ssl module of the CPython interpreter for the Python programming language is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access t...
ROS-20240820-01
The vulnerability in Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code using a specially crafted w...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
CVE-2024-42266
In the Linux kernel, the following vulnerability has been resolved: btrfs: make cow_file_range_inline() honor locked_page on error. The btrfs buffered write path runs through __extent_writepage() which has some tricky return value handling for writepage_delalloc(). Specifically, when that returns 1, we exit, bu...
CVE-2024-42266 btrfs: make cow_file_range_inline() honor locked_page on error
In the Linux kernel, the following vulnerability has been resolved: btrfs: make cow_file_range_inline() honor locked_page on error. The btrfs buffered write path runs through __extent_writepage() which has some tricky return value handling for writepage_delalloc(). Specifically, when that returns 1, we exit, bu...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the mm component's handling of static and dynamic page table folding, resulting in random oop...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure of the btrfs file system to properly handle locked pages when processing writes, resulting in assertio...
ROS-20240816-15
A vulnerability in the PHP programming language interpreter is related to the erroneous handling of cookies as a result of replacing spaces, dots, and open square brackets with underscores. Exploitation...
PT-2024-6129 · IBM · IBM QRadar Suite +1
Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 Description: The issue is related to weaknesses in the error reporting mechanism of IBM QRadar Suite and IBM Cloud P...
The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project, a project management software, relates to errors in processing input data, allowing an attacker to execute arbitrary code.
The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project management software are related to errors in processing input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code, provided that the user opens a...