The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Servers lies in resource management errors, which allow attackers to cause service failures.

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through specially crafted queries...

The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Servers lies in resource management errors, which allow attackers to cause service failures.

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to resource management errors. Exploiting this vulnerability can allow attackers to cause service interruptions by executing specially crafted SQL queries remotely...

The vulnerability of the DefaultAzureCredential and ManagedIdentityCredential components of the Azure Identity Libraries and Microsoft Authentication Library allows a perpetrator to escalate their privileges.

The vulnerability of the DefaultAzureCredential and ManagedIdentityCredential components in the Azure Identity Libraries and Microsoft Authentication Library authentication libraries is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow attacke...

CVE-2024-39469 nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfsemptydir misjudgment and long loop on I/O errors The error handling in nilfsemptydir when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or...

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfsemptydir misjudgment and long loop on I/O errors The error handling in nilfsemptydir when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or...

CVE-2024-39469

CVE-2024-39469 affects the Linux kernel nilfs2: the bug was in nilfs_empty_dir()’s error handling. If a directory folio/page read fails or nilfs_check_folio() fails, the old code could misjudge the directory as empty and even loop after a failed read, causing filesystem corruption or a long I/O l...

CVE-2024-39469 nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfsemptydir misjudgment and long loop on I/O errors The error handling in nilfsemptydir when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or...

CVE-2024-39469 nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfsemptydir misjudgment and long loop on I/O errors The error handling in nilfsemptydir when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or...

Malicious code in active-model-better_errors (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-4641 OnCell G3470A-LTE Series: Authenticated Format String Errors

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service...

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that originates from a problem or error in the server that prevents it from processing requests or providing services properly...

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-073)

The version of kernel installed on the remote host is prior to 5.4.149-73.259. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-073 advisory. A flaw was found in the Linux kernel. When reusing a socket with an attached dccpshctxccid as a listener, t...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. When reusing a socket with an attached dccpshctxccid as a listener, the socket will be used after being released leading to denial of service DoS or a potential code execution. The highest threat from this vulnerability is to data...

The vulnerability of the Kernel-mode operating system driver in Windows allows a hacker to increase their privileges.

The vulnerability of the Kernel-mode operating system driver in Windows is related to synchronization errors when using common resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2024-38619

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...

UBUNTU-CVE-2024-38619

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...

CVE-2024-38619

CVE-2024-38619 (Linux kernel, usb-storage alauda) : The issue arises in the alauda media handling where the field uzonesize can stay zero if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). The fix, as described in the description, adds a ...