CVE-2024-38619

CVE-2024-38619 (Linux kernel, usb-storage alauda) : The issue arises in the alauda media handling where the field uzonesize can stay zero if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). The fix, as described in the description, adds a ...

CVE-2024-38619 usb-storage: alauda: Check whether the media is initialized

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...

CVE-2024-38619 usb-storage: alauda: Check whether the media is initialized

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

Fedora 39 : composer (2024-bb55f8476a)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bb55f8476a advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...

CVE-2024-38619

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...

PT-2024-4336 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. Recommendations: A...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

The vulnerability of Microsoft Edge browser for iOS, related to information representation errors in the user interface, allows a hacker to perform spoofing attacks.

The vulnerability of Microsoft Edge browser for iOS is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

The vulnerability of the microprogramming software of Schneider Electric’s Automation Servers SpaceLogic AS-P and SpaceLogic AS-B lies in synchronization errors when using common resources, allowing attackers to gain increased privileges.

The vulnerability of the microprogramming software of Schneider Electric’s Automation Servers SpaceLogic AS-P and SpaceLogic AS-B is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow attackers to increase their privileges...

CVE-2024-38599 jffs2: prevent xattr node from overflowing the eraseblock

In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the xattr nodes aren't...

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of the Windows operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of the Windows operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

Fedora 40 : composer (2024-9ed24c98cd)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...

The vulnerability of the network routing implementation software on Unix-like systems, related to memory release errors, allows a hacker to cause a service failure.

The vulnerability of the FRRouting software for implementing network routing on Unix-like systems is related to the improper processing of the BGP UPDATE message created with the MPUNREACHNLRI attribute and additional data NLRI. Exploiting this vulnerability can allow a malicious actor to cause...

SSH communication between Netscaler Console nodes and/or Netscaler/Netscaler-SDX instance(s) fails

After upgrading Netscaler Console aka. ADM from earlier versions to either13.1-53.17 or 53.22 refresh build or 14.1-25.53, certain tasks like re-creating HA deployment, Netscaler backup , or other tasks involving SSH connection may fail and manifest in error popup or log entries in...

DEBIAN-CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service DoS via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service DoS via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors...

UBUNTU-CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service DoS via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors...

The vulnerability of the Wi-Fi driver for Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of Wi-Fi operating system Windows drivers is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted network packet...