CVE-2024-3854

In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products, whic...

Best Practices for Optimizing Web Development Standards for Media Sites

By Owais Sultan Boost user engagement and SEO ranking with these key web development practices for media sites. Discover responsive design, page speed optimization, user-friendly CMS, SEO structure, and accessibility best practices. This is a post from HackRead.com Read the original post: Best...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Version 11 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified...

ROS-20240404-19

A vulnerability in the PNG optimization software tool OptiPNG is related to a buffer overflow via the 'buffer' variable in gifread.c. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...

CVE-2023-52625 drm/amd/display: Refactor DMCUB enter/exit idle interface

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...

CVE-2023-52625 drm/amd/display: Refactor DMCUB enter/exit idle interface

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

CVE-2024-27935

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...

Mageia: Security Advisory (MGASA-2024-0061)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a remote authenticated attacker (CVE-2023-45143)

Summary There is a vulnerability in Node.js undici module used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-45143 DESCRIPTION: Node.js undici module could allow ...

CVE-2024-27935 Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...

GHSA-WRQV-PF6J-MQJP Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Summary A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. The issue arises from the re-use of a global buffer BUF in streamwrap.ts used as a performance...

Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Summary A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. The issue arises from the re-use of a global buffer BUF in streamwrap.ts used as a performance...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdpbuff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of th...

openSUSE Security Advisory (SUSE-SU-2024:0325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-52582 netfs: Only call folio_start_fscache() one time for each folio

In the Linux kernel, the following vulnerability has been resolved: netfs: Only call foliostartfscache one time for each folio If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths smaller than a page size. When we loop through the folios in...

Fedora: Security Advisory (FEDORA-2024-5e50570506)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...