116 matches found
UBUNTU-CVE-2024-45769
A vulnerability was found in Performance Co-Pilot PCP. This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...
CVE-2024-45769
A vulnerability was found in Performance Co-Pilot PCP. This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...
CVE-2024-45769 Pcp: pmcd heap corruption through metric pmstore operations
A vulnerability was found in Performance Co-Pilot PCP. This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...
PT-2024-31759
Name of the Vulnerable Software and Affected Versions: Performance Co-Pilot PCP affected versions not specified Description: A flaw was found in Performance Co-Pilot PCP that allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...
RHEL 7 : gupnp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - hostapd: UPnP SUBSCRIBE misbehavior in WPS AP CVE-2020-12695 Note that Nessus has not tested for this issue but has...
PT-2025-46749
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the Linux kernel's IPMI driver related to message handling. A reverted patch intended to fix a message stack issue when IPMI is disconnected introduces a potential for a...
UBUNTU-CVE-2023-46840
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...
SUSE CVE-2023-7250
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection...
A New Trick Uses AI to Jailbreak AI Models—Including GPT-4
Adversarial algorithms can systematically probe large language models like OpenAI's GPT-4 for weaknesses that can make them misbehave...
Libnbd: crash or misbehaviour when nbd server returns an unexpected block size
...
CVE-2023-39363 Vyper incorrectly allocated named re-entrancy locks
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine EVM. In versions 0.2.15, 0.2.16 and 0.3.0, named re-entrancy locks are allocated incorrectly. Each function using a named re-entrancy lock gets a unique lock regardless of the key, allowing cross-function re-entrancy in...
A New Attack Impacts ChatGPT—and No One Knows How to Stop It
Researchers found a simple way to make ChatGPT, Bard, and other chatbots misbehave, proving that AI is hard to tame...
USN-6237-1 curl vulnerabilities
Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. CVE-2023-28321 Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain...
CVE-2023-28322
An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT_READFUNCTION to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request...
Critical: expat
Issue Overview: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an...
UBUNTU-CVE-2023-28098
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.7 and 3.2.4, a specially crafted Authorization header causes OpenSIPS to crash or behave in an unexpected way due to a bug in the function parse_param_name. This issue was discovered while performing coverag...
EulerOS 2.0 SP5 : curl (EulerOS-SA-2023-1496)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT_READFUNCTION to ask for data to send, even when the...
Inexistent Prevention of Duplicates
Lines of code Vulnerability details Impact The CollateralConfig::initialize function which instantiates the contract's state does not prevent duplicate collateral entries from being specified which can occur undetected. If the system is setup with duplicate collateral entries, the Ethos Core...
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5875-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5875-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote...
Incorrect Encoding of Order Hashes
Lines of code Vulnerability details Impact The order hashes are incorrectly encoded during the encodeOrderHashes mechanism, causing functions such as encodeRatifyOrder and encodeValidateOrder to misbehave. Proof of Concept The order hashes encoding mechanism appears to be incorrect as the...