CVE-2024-25228

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-1654

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-1222

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-1221

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-1223

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-1176

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-26048

Technical details for CVE-2024-26048 are not publicly available in the provided documents. No impacted products, versions, or root cause are specified. Monitor for updates.

CVE-2024-26005

An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS...

PT-2024-21967 · Unknown · Numbas Editor

Name of the Vulnerable Software and Affected Versions: Numbas editor versions prior to 7.3 Description: The issue concerns the mishandling of editing themes and extensions in the Numbas editor. Recommendations: For versions prior to 7.3, update to version 7.3 or later to resolve the issue...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: ollama, crossplane-provider-aws-dynamodb, kubeadm-bootstrap-controller, crossplane-provider-aws-iam, argo-workflows, zot, conftest, flannel, apisix-ingress-controller, prometheus-alertmanager, kube-logging-operator, rook, kubeflow, falcoctl, timestamp-authority,...

AZL-37119 CVE-2024-24786 affecting package node-problem-detector for versions less than 0.8.17-2

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

AZL-35667 CVE-2024-24786 affecting package node-problem-detector for versions less than 0.8.15-2

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: mongo-tools, vite, dataplaneapi, kubeadm-bootstrap-controller, argo-workflows, nri-kafka, kube-rbac-proxy, prometheus-alertmanager, mage, kube-logging-operator, govulncheck, prometheus-blackbox-exporter, sbom-scorecard, datadog-agent, cert-exporter,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: tigera-operator, kubernetes-csi-livenessprobe, aws-ebs-csi-driver, kube-oidc-proxy, nerdctl, helm-operator, falcosidekick-fips, aws-efs-csi-driver-fips, fuse-overlayfs-snapshotter, terraform-provider-azurerm, kubescape, hugo-extended,...

CVE-2023-20907

CVE-2023-20907 is listed in the Android 14 security release notes as a high-severity DoS in the Framework component. The Android bulletin groups it among Framework vulnerabilities for Android 14, with reference A-239415997. The document does not provide specific affected product versions beyond A...

CVE-2023-52581

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the sour...

CVE-2021-47083

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number, it maybe produce 'desceintn' size globle-out-of-bounds issue...

CVE-2021-47089

In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...

openSUSE: Security Advisory for libnbd (SUSE-SU-2023:4463-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1849 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability February 29, 2024 CVE Number CVE-2024-0071 SUMMARY An out-of-bounds read vulnerability exists in the Shader functionality of NVIDIA D3D10 Driver, Version 546.01, 31.0.15.4601. A...