Node.js: Corrupted pointer in node::fs::ReadFileUtf8(const FunctionCallbackInfo<Value>& args) when args[0] is a string.

In Node.js, the ReadFileUtf8 internal binding was found to have a memory leak due to a corrupted pointer in uvfss.file. A UTF-16 path buffer was allocated and subsequently overwritten when the file descriptor was set, leading to an unrecoverable memory leak on every call...

VulnCheck KEV: CVE-2024-9593

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute...

PT-2024-9994 · WordPress · Time Clock +1

Name of the Vulnerable Software and Affected Versions: Time Clock plugin versions up to 1.2.2 Time Clock Pro plugin versions up to 1.1.4 Description: The issue concerns the etimeclockwp load function callback function, which is related to improper management of code generation. This allows...

CVE-2024-0217 Packagekitd: use-after-free in idle function callback

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...

GSD-2022-1000556 net/smc: Avoid overwriting the copies of clcsock callback functions

net/smc: Avoid overwriting the copies of clcsock callback functions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...