5574 matches found

Positive Technologies
added 2024/04/05 12:0 a.m. · 4 views

PT-2024-12257 · Nvidia · Nvidia Nvjpeg2000 Library

Name of the Vulnerable Software and Affected Versions: NVIDIA nvJPEG2000 Library for Windows and Linux (affected versions not specified). Description: The NVIDIA nvJPEG2000 Library contains a vulnerability due to improper input validation, which could allow an attacker to use a specially crafted inp...

CVSS 2.8 · AI score 6.8 · EPSS 0.00166
Exploits 0 · References 6
Positive Technologies
added 2024/04/05 12:0 a.m. · 3 views

PT-2024-15333 · Nvidia +1 · Nvidia Cuda Toolkit +1

Name of the Vulnerable Software and Affected Versions: NVIDIA CUDA toolkit (affected versions not specified). Description: The NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm. An attacker may cause a crash by tricking a user into reading a malformed ELF file,...

CVSS 3.3 · AI score 6.5 · EPSS 0.00226
Exploits 0 · References 15
BDU FSTEC
added 2024/04/05 12:0 a.m. · 5 views

The vulnerability of the software for implementing the hypertext environment MediaWiki, related to improper input cancellation during page creation, allows a violator to carry out cross-site scripting attacks.

The vulnerability of the software for implementing the hypertext environment MediaWiki is related to the possibility of exploiting XSS attacks in the partial block function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to carry out cross-site scripting attacks...

CVSS 6.4 · AI score 5.7 · EPSS 0.00721
Exploits 1 · References 5 · Affected Software 3
OSV
added 2024/04/02 7:15 a.m. · 1 views

UBUNTU-CVE-2024-26665

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of size 4 at addr...

CVSS 7.1 · AI score 6.2 · EPSS 0.00237
Exploits 0 · References 19
OSV
added 2024/04/02 7:15 a.m. · 2 views

UBUNTU-CVE-2023-52636

In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes all readpartial...

CVSS 5.5 · AI score 6.1 · EPSS 0.00225
Exploits 0 · References 6
OSV
added 2024/04/02 7:1 a.m. · 6 views

CVE-2023-52636 libceph: just wait for more data to be available on the socket

In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes all readpartial...

CVSS 5.5 · AI score 6 · EPSS 0.00225
Exploits 0 · References 6
CNNVD
added 2024/04/02 12:0 a.m. · 3 views

Bento4 security vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version v.1.6.0-641, which stems from a buffer overflow in the AP4MemoryByteStream::WritePartial method of the Ap4ByteStream.cpp file that could lead to remote code execution...

CVSS 8.8 · AI score 8.2 · EPSS 0.01494
Exploits 1 · References 3
Positive Technologies
added 2024/04/02 12:0 a.m. · 7 views

PT-2024-14673 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel related to the libceph component. The issue occurs when a short read happens while reading the message footer from the socket...

CVSS 8.4 · AI score 6.5 · EPSS 0.08555
Exploits 8 · References 1911
Tenable Nessus
added 2024/03/23 12:0 a.m. · 17 views

Fedora 38 : clojure (2024-91dab41dfa)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-91dab41dfa advisory. Security fix for CVE-2024-22871. Update to upstream release 1.11.2. Tenable has extracted the preceding description block directly from the Fedora...

CVSS 7.5 · AI score 7.8 · EPSS 0.01533
Exploits 1 · References 2
OSV
added 2024/03/07 10:15 a.m. · 2 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

CVSS 4.3 · AI score 5.8 · EPSS 0.00418
Exploits 0 · References 1
Positive Technologies
added 2024/03/07 12:0 a.m. · 6 views

PT-2024-2188 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director (affected versions not specified). Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...

CVSS 7.8 · AI score 6.9 · EPSS 0.00418
Exploits 0 · References 5
OSV
added 2024/03/06 6:30 p.m. · 15 views

GHSA-MR9J-QQJH-67F2 Jenkins Subversion Partial Release Manager Plugin missing permission check

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...

CVSS 4.3 · AI score 4.7 · EPSS 0.00495
Exploits 0 · References 4
OSV
added 2024/03/06 6:30 p.m. · 28 views

GHSA-RV35-69FF-G9GV Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

CVSS 4.3 · AI score 4.8 · EPSS 0.00318
Exploits 0 · References 4
OSV
added 2024/03/06 5:15 p.m. · 5 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

CVSS 4.3 · AI score 7
Exploits 0 · References 2
Prion
added 2024/03/06 5:15 p.m. · 43 views

Cross site request forgery (csrf)

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

AI score 6.6 · EPSS 0.00318
Exploits 0 · References 1
CVE
added 2024/03/06 5:1 p.m. · 85 views

CVE-2024-28158

CVE-2024-28158 concerns a cross-site request forgery (CSRF) in the Jenkins Subversion Partial Release Manager Plugin (versions 1.0.1 and earlier). The issue, as described in the source documents, lets an attacker trigger a build by convincing an authenticated user to perform an action, due to CSR...

CVSS 4.3 · AI score 6.5 · EPSS 0.00318
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2024/03/06 5:1 p.m. · 25 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

AI score 6.6 · EPSS 0.00318
Exploits 0 · References 2
OSV
added 2024/03/06 11:12 a.m. · 15 views

BIT-MEDIAWIKI-2021-31548

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed...

CVSS 6.5 · AI score 6.6 · EPSS 0.00693
Exploits 0 · References 3
OSV
added 2024/03/06 11:1 a.m. · 26 views

BIT-MEDIAWIKI-2023-36675

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature...

CVSS 6.1 · AI score 4.6 · EPSS 0.00721
Exploits 1 · References 7
SUSE CVE
added 2024/03/06 4:52 a.m. · 3 views

SUSE CVE-2021-47101

In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]...

CVSS 4 · AI score 7.7 · EPSS 0.00219
Exploits 0 · References 20