PT-2024-9216 · Qlik · Qlik Sense Enterprise For Windows

Name of the Vulnerable Software and Affected Versions: Qlik Sense Enterprise for Windows versions prior to November 2024 IR Description: A problem was discovered in Qlik Sense Enterprise for Windows that allows an unprivileged user with network access to create connection objects, potentially...

SUSE CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-49581 Access control issue impacting RV backed objects

Restricted Views backed objects OSV1 could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available...

CVE-2024-49581 Access control issue impacting RV backed objects

Restricted Views backed objects OSV1 could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available...

DEBIAN-CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

UBUNTU-CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-53116 drm/panthor: Fix handling of partial GPU mapping of BOs

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-53116 drm/panthor: Fix handling of partial GPU mapping of BOs

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

PT-2024-33555 · Foundry · Foundry

Name of the Vulnerable Software and Affected Versions: Foundry affected versions not specified Description: A software bug could allow users without permission to view restricted objects directly through the Object Explorer under specific circumstances. This issue did not make data available acro...

The vulnerability of the addRelatedObjects function in the universal monitoring system Zabbix allows attackers to increase their privileges.

The vulnerability of the addRelatedObjects function in the universal monitoring system Zabbix is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges by sending specially crafted SQL queries...

Palantir Foundry 安全漏洞

Palantir Foundry is a business process management platform from US-based Palantir, Inc. A security vulnerability exists in Palantir Foundry versions 105.110.1 through 105.115.0, which stems from Objects Supported by Restricted Views OSV1 can be bypassed, allowing users not authorized to view such...

IT threat evolution in Q3 2024. Non-mobile statistics

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data...

Vulnerability fixed in Zabbix

A vulnerability has been fixed in Zabbix. The vulnerability is in how the CUser class handles the addRelatedObjects function. This could allow non-administrators with API access to perform an SQL injection, which could lead to unauthorized access to sensitive data. The vulnerability could enable...

Jenkins Filesystem List Parameter Plugin has Path Traversal vulnerability

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter. This allows attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system. Filesystem List Parameter Plugin 0.0.15 ensur...

CVE-2024-54004

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system...

CVE-2024-54004

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system...

DEBIAN-CVE-2024-42327

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is availabl...

CVE-2024-9251

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2024-9255

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...