Oracle Siebel Server (April 2019 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2019 CPU advisory. - Vulnerability in the Siebel Core - Server BizLogic Script component of Oracle Siebel CRM subcomponent: Integration - Scripting. The supported version that...

ROS-20241209-02

A vulnerability in some IntelR TDX modules is related to improper input validation. Exploitation of the vulnerability could allow a privileged attacker to potentially escalate privileges through local access. Vulnerability related to processor instruction sequencing causes unexpected behavior on...

CVE-2024-8929

...

CVE-2024-47791

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices...

CVE-2024-47791

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices...

CVE-2024-47791

CVE-2024-47791 affects Ruijie Reyee OS (MQTT broker) versions 2.206.x up to but not including 2.320.x. The issue is a weak mechanism around topic handling that could let an attacker subscribe to partial possible topics and receive partial messages exchanged with devices. Several connected sources...

CVE-2024-47043

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...

SUSE-SU-2024:4252-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU bsc1232064: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702,JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete...

GHSA-56W4-5538-8V8H Synapse Matrix has a partial room state leak via Sliding Sync

Impact The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. Patches Synapse version 1.120.1 fixes the problem. Workarounds Disable Sliding Sync. References...

Synapse Matrix has a partial room state leak via Sliding Sync

Impact The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. Patches Synapse version 1.120.1 fixes the problem. Workarounds Disable Sliding Sync. References...

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...

SUSE CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

PT-2024-9571 · Ruijie · Ruijie Reyee Os

Name of the Vulnerable Software and Affected Versions: Ruijie Reyee OS versions 2.206.x through 2.320.x Description: The issue is related to the Ruijie MQTT broker in Ruijie Reyee OS, where an attacker could subscribe to partial possible topics and receive partial messages being sent to and from...

PT-2024-9567 · Ruijie · Ruijie Reyee Os

Name of the Vulnerable Software and Affected Versions: Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x Description: The issue is related to insufficient storage of service data in the Ruijie Reyee OS, which could allow a remote attacker to correlate a device's serial number with...

GHSA-75C5-XW7C-P5PM PyJWT Issuer field partial matches allowed

Summary The wrong string if check is run for iss checking, resulting in "acb" being accepted for "abc". Details This is a bug introduced in version 2.10.0: checking the "iss" claim changed from isinstanceissuer, list to isinstanceissuer, Sequence. diff - if isinstanceissuer, list: + if...

CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

DEBIAN-CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

UBUNTU-CVE-2024-53116

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-53116

CVE-2024-53116 concerns the Linux kernel panic/warning scenario in the Panthor DRM/GPU VM path. The description documents a bug in partial GPU mapping of buffer objects (BOs) where Panthor failed to correctly handle mappings that span multiple scatterlists and where the mapping offset did not sta...