NewStart CGSL CORE 5.05 / MAIN 5.05 : openssh Vulnerability (NS-SA-2024-1002)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals i...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Vulnerability (NS-SA-2024-1001)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals i...

NewStart CGSL MAIN 6.06 : openssh Vulnerability (NS-SA-2024-1004)

The remote NewStart CGSL host, running version MAIN 6.06, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals in an unsafe...

CVE-2024-45442

Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability...

PT-2024-19003 · Discourse · Discourse Calendar

Name of the Vulnerable Software and Affected Versions: discourse-calendar affected versions not specified Description: The discourse-calendar plugin has a limit on region value length that is too generous, allowing a malicious actor to cause a Discourse instance to use excessive bandwidth and dis...

GO-2022-1200 Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go

Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go...

SUSE CVE-2024-42262

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...

SUSE CVE-2024-43849

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

DEBIAN-CVE-2024-43849

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

AZL-51135 CVE-2024-43849 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

CVE-2024-43815

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when running AES with a key from one of the hardware's key slots. Fix this by ensuring the payload field is set to ...

CVE-2024-43849 soc: qcom: pdr: protect locator_addr with the main mutex

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

CVE-2024-43849 soc: qcom: pdr: protect locator_addr with the main mutex

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

CVE-2024-43815 crypto: mxs-dcp - Ensure payload is zero when using key slot

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when running AES with a key from one of the hardware's key slots. Fix this by ensuring the payload field is set to ...

PT-2024-40890 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state includes functions such as ireclaim, interp reclaim, and gs main finit. No...

SUSE CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

CVE-2024-41029

A vulnerability was found in the nvmem subsystem in the Linux kernel. This issue allows excessive permissions for the cell sysfs attribute, potentially exposing sensitive data beyond what is permitted for the main attribute. Mitigation Mitigation for this issue is either not available or the...

DEBIAN-CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

UBUNTU-CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

The vulnerability of the hnap_main function in the D-LINK GO-RT-AC750 router software allows a hacker to cause a service failure.

The vulnerability of the hnapmain function in the D-LINK GO-RT-AC750 router’s software lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending specially crafted POST reques...