11 matches found
CVE-2019-11701
The default webcal: protocol handler will load a web site vulnerable to cross-site scripting XSS attacks. This default was left in place as a legacy feature and has now been removed. Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.. This...
CVE-2023-54241 MIPS: KVM: Fix NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 "MIPS: Remove KVMTE support" we get a NULL pointer dereference when creating a KVM guest: 146.243409 Starting KVM with MIPS VZ extensions 149.849151 CP...
GHSA-X4QJ-2F4Q-R4RX Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format
Impact A Server-Side Request Forgery SSRF vulnerability in the file upload functionality when trying to upload a Parse.File with uri parameter allows to execute an arbitrary URI. The vulnerability stems from a file upload feature in which Parse Server retrieves the file data from a URI that is...
OpenAI kills “short-lived experiment” where ChatGPT chats could be found on Google
A little-known ChatGPT "feature" is now gone. It could be a good thing. On X, OpenAI Chief Information Security Officer Dane Stuckey announced that OpenAI "removed a feature from ChatGPT that allowed users to make their conversations discoverable by search engines, such as Google." Stuckey called...
CVE-2024-45818
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulatin...
UBUNTU-CVE-2024-45818
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulatin...
CVE-2024-45818 Deadlock in x86 HVM standard VGA handling
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulatin...
CVE-2024-45818
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulatin...
CVE-2024-45818 Deadlock in x86 HVM standard VGA handling
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulatin...
python3 security update
3.6.8-18.0.5 - Remove the 'getfile' feature of pydoc Orabug: 33182027CVE-2021-3426...
Facebook Ticker partially Removed Due To Various Bugs
Facebook Ticker partially Removed Due To Various Bugs According to a Post on Facebook Known Issues Page, Facebook has removed the ticker apparently motivated the social network to call the phenomenon a bug that's undergoing a fix. Facebook says that "Some people are seeing their ticker disappear...