Exploit for CVE-2024-34313

CVE-2024-34313 !Producthttps://img.shields.io/badge/produc...

SUSE CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

DEBIAN-CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

UBUNTU-CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

UBUNTU-CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

CVE-2024-36281 net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. A le...

DEBIAN-CVE-2021-47596

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevfsendmbxmsg Currently, the hns3remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client instance uninstall process...

UBUNTU-CVE-2021-47596

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevfsendmbxmsg Currently, the hns3remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client instance uninstall process...

Duplicate users when using pagination(start,limit parameter) in GET /rest/api/user/list REST API call.

h3. Issue Summary When paginationstart, limit parameter is used in a GET /rest/api/user/list REST API call, duplicate users are observed. This is reproducible on Data Center: yes h3. Steps to Reproduce On a Confluence instance with multiple users from external and internal directories, run the...

Rocky Linux 8 : python-pillow (RLSA-2024:3005)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3005 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument CVE-2023-44271 Tenable has extracted t...

CVE-2024-35225 Jupyter Server Proxy has a reflected XSS issue in host parameter

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting XSS issue. The /proxy endpoint accepts a host path segmen...

Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component in langchain-community langchain-community.retrievers.webresearch.WebResearchRetriever. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet...

CVE-2024-3095

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This...

CVE-2024-1880

CVE-2024-1880 concerns the significant-gravitas/autogpt project, where the MacOSTTS component (MacOS Text-To-Speech) in the _speech method uses os.system to run the say command with user-supplied text. This allows OS command injection and potential arbitrary code execution when AutoGPT is run wit...

Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to launch a supply-chain attac...

PT-2024-7495 · Mitel · Mivoice Business Solution Virtual Instance +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions 9.7.1.110 and earlier MiVoice Business Solution Virtual Instance MiVB SVI version 1.0.0.25 Description: A vulnerability in the Desktop Client could allow an unauthenticated attacker to conduct a command injection attac...

CVE-2023-52806

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. As supplied substream instance ma...

UBUNTU-CVE-2023-52859

In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhpstateremoveinstance to call uncore pmu offline callback, whi...

CVE-2021-47335

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 in kfence-10:...

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...