CVE-2024-49570 drm/xe/tracing: Fix a potential TP_printk UAF

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

GSD-2023-1001002 net: add atomic_long_t to net_device_stats fields

net: add atomiclongt to netdevicestats fields This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

SUSE-SU-2019:2956-1 Security update for qemu

This update for qemu fixes the following issues: - Remove a backslash '' escape character from 80-qemu-ga.rules bsc1153358 Unlike sles 15 or newer guests, The udev rule file of qemu guest agent in sles 12 sp4 or newer guest only needs one escape character. - Fix use-after-free in slirp...

curl: Race condition with CURL_LOCK_DATA_CONNECT can cause connections to be used at the same time

Summary: We've seen race conditions when using CURLLOCKDATACONNECT in libcurl where sometimes two different threads using two different easy handles ends up sharing the same connection pointer at the same time. This causes UAFs and double frees when both threads are freeing items on the same...

AdaptCMS 2.0.4 - config.php?question SQL Injection

AdaptCMS 2.0.4 - config.php?question SQL Injection Exploit Title: AdaptCMS = 2.0.4 SQL Injection vulnerability Date: 26/10/2012 Exploit Author: Kallimero Vendor Homepage: http://www.adaptcms.com/ Software Link: http://www.insanevisions.com/page/3/Downloads/ Version: 2.0.4 Tested on: Debian...