430 matches found
UBUNTU-CVE-2021-47233
In the Linux kernel, the following vulnerability has been resolved: regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL devm_gpiod_get_array_optional() may return NULL if no GPIO was assigned...
SUSE CVE-2024-27071
In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fix potential NULL pointer dereference The "im" pins are optional. Add missing check in the hx8357_probe()...
UBUNTU-CVE-2024-27071
In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fix potential NULL pointer dereference The "im" pins are optional. Add missing check in the hx8357_probe()...
Hewlett Packard Enterprise IceWall Agent Security Vulnerability
Hewlett Packard Enterprise IceWall Agent is an optional product for single sign-on by proxy from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise IceWall Agent that originated from allowing an attacker to cause a denial of service by remotely attacking...
SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. Click SendPress in the Admin menu...
PT-2024-3375 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential NULL pointer dereference in the hx8357 probe function in the Linux kernel's HX-8357 driver. This could allow an attacker to cause a denial of servic...
SUSE SLES15 : Optional update for icu (SUSE-SU-SUSE-OU-2024:0647-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-OU-2024:0647-1 advisory. - An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a...
Design/Logic Flaw
The fetch API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers fetch may contain. Under the correct circumstances, an attacker may have been able to poison the local browser cache by priming it with a fetch response controlled by the addition...
Format string
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a distributed in...
Goblob - A Fast Enumeration Tool For Publicly Exposed Azure Storage Blobs
Goblob is a lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicly in Azure blobs, which can be useful for various research purposes such as vulnerability assessments, penetration testing, and reconnaissance. Warning. Goblob will issue...
kernel: acpi: Fix suspend with Xen PV
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 "x86/boot: Skip realmode init code when running as Xen PV guest" missed one code path accessing real_mode_header, leading to dereferencing NULL when suspending the system under Xen:...
Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library
An issue in LangChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. Patches: Released in v.0.0.308. numexpr dependency is optional for langchain...
August 22, 2023—KB5029351 (OS Build 22621.2215) Preview
August 22, 2023—KB5029351 OS Build 22621.2215 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to...
August 22, 2023—KB5029332 (OS Build 22000.2360) Preview
August 22, 2023—KB5029332 OS Build 22000.2360 Preview 8/8/23 IMPORTANT After September 26, 2023, there will no longer be optional, non-security preview releases for Windows 11, version 21H2. Only cumulative monthly security updates will continue for the supported versions of Windows 11, version...
cockpit-appstream bug fix update
An update is available for cockpit-appstream. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Dummy package from building optional packages only; never install o...
CVE-2023-29404
...
USN-6152-1 linux-gke regression
It was discovered that the NFS client's access cache implementation in the Linux kernel caused a severe NFS performance degradation in certain conditions. This update makes the NFS file-access stale cache behavior optional...
May 23, 2023—KB5026435 (OS Build 19045.3031) Preview
May 23, 2023—KB5026435 OS Build 19045.3031 Preview 3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates known as the "B" or...
PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords TOTPs to the cloud. "This change means users are better protected from lockout and...