199 matches found
UBUNTU-CVE-2024-26722
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...
CVE-2024-26722
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...
CVE-2024-26722 ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...
Thread Hijacking: Phishes That Prey on Your Curiosity
Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipients natural curiosity about being copied on a private discussion, whic...
Fedora: Security Advisory (FEDORA-2024-e34efa1300)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
jack-london.fr Cross Site Scripting vulnerability OBB-3438212
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two...
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two...
MagicJack A921 USB Phone Jack 安全漏洞
MagicJack A921 USB Phone Jack is a USB jack for free local and long distance calls from MagicJack USA. A security vulnerability exists in MagicJack A921 USB Phone Jack version v.1.4, which stems from the presence of an insecure privilege vulnerability. An attacker could exploit the vulnerability ...
[SECURITY] Fedora 38 Update: qmmp-2.1.2-4.fc38
This program is an audio-player, written with help of Qt library. The user interface is similar to winamp or xmms. Main opportunities: Winamp and xmms skins support plugins support MPEG1 layer 2/3 support Ogg Vorbis support native FLAC support WavePack support ModPlug support PCM WAVE support CD...
Fedora: Security Advisory for qmmp (FEDORA-2023-a5e10b188a)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Starcounter-Jack JSON-Patch Prototype Pollution vulnerability
A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...
CVE-2021-4279
A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...
CVE-2021-4279
A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...
CVE-2021-4279 Starcounter-Jack JSON-Patch prototype pollution
A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...
CVE-2021-4279
CVE-2021-4279 refers to a prototype pollution vulnerability in Starcounter-Jack JSON-Patch up to version 3.1.0. The issue allows manipulation of Object.prototype attributes and can be triggered remotely. Public disclosures describe a patch in 3.1.1 (patch name 7ad6af41eabb2d799f698740a91284d762c9...
PT-2022-11692 · Unknown · Starcounter-Jack Json-Patch
Name of the Vulnerable Software and Affected Versions: Starcounter-Jack JSON-Patch versions up to 3.1.0 Description: A vulnerability has been found in Starcounter-Jack JSON-Patch, classified as problematic. This issue affects unknown code and leads to improperly controlled modification of object...
kernel: ALSA: jack: Access input_dev under mutex
In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access inputdev under mutex It is possible when using ASoC that inputdev is unregistered while calling sndjackreport, which causes NULL pointer dereference. In order to prevent this serialize access to inputdev using...
kernel: ALSA: jack: Access input_dev under mutex
In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access inputdev under mutex It is possible when using ASoC that inputdev is unregistered while calling sndjackreport, which causes NULL pointer dereference. In order to prevent this serialize access to inputdev using...
kernel: ASoC: rt7*-sdw: harden jack_detect_handler
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card...