3385 matches found
CVE-2024-28782
IBM CVE-2024-28782 affects IBM QRadar Suite Software and IBM Cloud Pak for Security: QRadar Suite 1.10.12.0–1.10.18.0 and Cloud Pak for Security 1.10.0.0–1.10.11.0 store user credentials in plain clear text readable by an authenticated user. Root cause is plaintext credential storage, enabling in...
CVE-2024-27972
CVE-2024-27972 affects WP Fusion Lite (Very Good Plugins). An improper neutralization of special elements enables a command injection that leads to authenticated remote code execution in WP Fusion Lite versions up to 3.41.24. The vulnerability requires authentication (Contributor+ per enrichment)...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the occurrence of a circular locking problem...
CVE-2023-35812
CVE-2023-35812 affects OpenSSH 7.4 in Amazon Linux 1/2. The issue stems from an incomplete mitigation for CVE-2019-6111: when a relative path is used with scp, the client does not verify that the received filename matches the requested one, allowing potential file misassociation. Public advisorie...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the occurrence of a deadlock problem...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a hang problem...
CVE-2024-28219
CVE-2024-28219 affects the Pillow Python imaging library. In _imagingcms.c, a buffer overflow was introduced because strcpy was used instead of a safer copy like strncpy, impacting Pillow before version 10.3.0. The issue filename and function indicate a likely overflow related to fixed-length str...
CVE-2024-30173
CVE-2024-30173 maps to an authentication bypass in the TYPO3 OpenID Connect Authentication extension. The TYPO3 extension’s authentication service does not verify the OpenID Connect authentication state from the user lookup chain and instead authenticates every valid frontend user whose tx_oidc f...
NITRO API commands not working, request times out.
NITRO API endpoint is not working, the requests sent to the NSIP timeout without a response...
PT-2024-14673 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel related to the libceph component. The issue occurs when a short read happens while reading the message footer from the socket...
SUSE SLES15 Security Update : kernel (Live Patch 43 for SLE 15 SP2) (SUSE-SU-2024:1053-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1053-1 advisory. - bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition...
SUSE SLES15 Security Update : kernel (Live Patch 40 for SLE 15 SP3) (SUSE-SU-2024:1033-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1033-1 advisory. - A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with...
SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP3) (SUSE-SU-2024:1054-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1054-1 advisory. - A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with...
CVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-31854
std::bad_alloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-46049
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata function via a crafted pdflatex.fmt file or perhaps a crafted .o file to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function x_error_handler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem (an X operation silently fails)...
CVE-2023-46048
TeX Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...