
3385 matches found

CVE
added 2024/11/15 3:12 p.m. | 86 views

CVE-2023-20092

Cisco TelePresence CE and RoomOS CLI have three local arbitrary file-write vulnerabilities (CVE-2023-20092) due to improper local file access controls. An authenticated, local attacker could place a symbolic link to overwrite arbitrary files; exploitation requires a remote support user account. A...

CVSS 4.4 | AI score 5 | EPSS 0.00192
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/15 3:08 p.m. | 86 views

CVE-2023-20094

This CVE (CVE-2023-20094) affects Cisco TelePresence CE and Cisco RoomOS. The issue is caused by improper bounds checks in the affected software, enabling an unauthenticated, adjacent attacker to send a crafted request that can trigger an out-of-bounds read, potentially disclosing sensitive infor...

CVSS 4.3 | AI score 4.4 | EPSS 0.00264
Exploits: 0 | References: 1 | Affected Software: 2

CVE
added 2024/11/15 2:52 p.m. | 126 views

CVE-2024-20373

CVE-2024-20373 affects Cisco IOS and IOS XE SNMP IPv4 ACL handling. Root cause: extended IPv4 ACLs for SNMP aren’t supported, but extended named IPv4 ACLs can be attached to the SNMP server without warning, causing no ACL to be applied to SNMP listening. Impact: unauthenticated remote SNMP pollin...

CVSS 5.3 | AI score 5.4 | EPSS 0.00511
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/15 10:57 a.m. | 105 views

CVE-2023-2332

CVE-2023-2332 is a stored XSS in pimcore/pimcore 10.5.19, located in the Conditions tab of Pricing Rules (Date Range From/To fields). The underlying issue allows injection of arbitrary JavaScript, potentially compromising user cookies or redirecting users. The vulnerability is mitigated by upgrad...

CVSS 4.8 | AI score 4.1 | EPSS 0.00356
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2024/11/14 2:51 p.m. | 175 views

CVE-2022-2232

CVE-2022-2232 concerns an LDAP injection in Keycloak’s username lookup, allowing bypass and potentially other actions. Affected: Keycloak package; root cause: LDAP injection during username lookup. Impact: high confidentiality risk; no user interaction required, network vector, privileges not requ...

CVSS 7.5 | AI score 7.5 | EPSS 0.00642
Exploits: 0 | References: 5

Debian CVE
added 2024/11/14 12:10 p.m. | 25 views

CVE-2024-3447

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s->data_count and the size of s->fifo_buffer are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a...

CVSS 6 | AI score 7 | EPSS 0.00552
Exploits: 1

CVE
added 2024/11/14 11:50 a.m. | 340 views

CVE-2022-31667

Harbor (the Harbor registry) is affected by CVE-2022-31667 due to improper authorization when updating a robot account. The issue occurs when a request to update a robot account specifies an account and name belonging to a project the authenticated user cannot access, allowing an attacker to revo...

CVSS 6.4 | AI score 6.3 | EPSS 0.00499
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/14 11:48 a.m. | 355 views

CVE-2022-31669

Harbor (the open‑source registry) contains an authorization flaw in its tag immutability policy API. The vulnerability occurs when updating a tag immutability policy, where a request may specify a policy in a project the authenticated user cannot access, enabling modification of policies in other...

CVSS 7.7 | AI score 6.4 | EPSS 0.00396
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/14 11:45 a.m. | 471 views

CVE-2022-31670

CVE-2022-31670 concerns Harbor’s authorization for updating tag retention policies. Several sources describe a flaw where an authenticated user can send an update request for a retention policy id belonging to a project they should not access, allowing modification of policies in other projects. ...

CVSS 7.7 | AI score 7.3 | EPSS 0.00531
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/14 11:32 a.m. | 516 views

CVE-2022-31666

Harbor vulnerability CVE-2022-31666 involves failure to validate user permissions when managing Webhook policies. The issue allows authenticated users to view, update, or delete Webhook policies belonging to other users or projects, potentially enabling modification of policies configured in othe...

CVSS 7.7 | AI score 7.5 | EPSS 0.00488
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/11/14 10:44 a.m. | 199 views

CVE-2023-4134

The CVE-2023-4134 issue affects the Linux kernel cyttsp4_core driver. A use-after-free occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue, enabling a local attacker to crash the system and cause a denial of service. The provided documents cons...

CVSS 5.5 | AI score 5.1 | EPSS 0.00188
Exploits: 0 | References: 2 | Affected Software: 1

AlpineLinux
added 2024/11/13 10:20 a.m. | 84 views

CVE-2024-4741

Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

CVSS 7.5 | AI score 7.8 | EPSS 0.02945
Exploits: 0

Tenable Nessus
added 2024/11/13 12:00 a.m. | 12 views

FreeBSD : element-web -- several vulnerabilities (ab4e6f65-a142-11ef-84e9-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ab4e6f65-a142-11ef-84e9-901b0e9408dc advisory. Element team reports: Versions of Element Web and Desktop earlier than 1.11.85 do not check if...

CVSS 5 | AI score 5.6 | EPSS 0.00476
Exploits: 0 | References: 5

OSV
added 2024/11/12 7:53 p.m. | 9 views

MGASA-2024-0360 Updated curl packages fix security vulnerability

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

CVSS 6.5 | AI score 6.5 | EPSS 0.0197
Exploits: 1 | References: 3

Microsoft CVE
added 2024/11/09 8:00 a.m. | 3 views

wifi: mt76: mt7915: fix oops on non-dbdc mt7986

...

CVSS 5.5 | AI score 6.9 | EPSS 0.00218
Exploits: 0

Tenable Nessus
added 2024/11/08 12:00 a.m. | 10 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2825)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given a syntactically incorrect field,...

CVSS 6.5 | AI score 7.2 | EPSS 0.16212
Exploits: 2 | References: 3

CNNVD
added 2024/11/07 12:00 a.m. | 44 views

Moodle security vulnerability

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the need for additional restrictions to avoid the risk of remote...

CVSS 8.1 | AI score 8.9 | EPSS 0.83343
Exploits: 8 | References: 4

OSV
added 2024/11/05 5:07 p.m. | 14 views

CVE-2024-50100 USB: gadget: dummy-hcd: Fix "task hung" problem

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-hcd driver was changed to use hrtimers instead of regular timers. It turns out that the problems ar...

CVSS 5.5 | AI score 6.1 | EPSS 0.00233
Exploits: 0 | References: 7

Cvelist
added 2024/11/05 5:07 p.m. | 19 views

CVE-2024-50100 USB: gadget: dummy-hcd: Fix "task hung" problem

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-hcd driver was changed to use hrtimers instead of regular timers. It turns out that the problems ar...

EPSS 0.00233
Exploits: 0 | References: 4

OpenVAS
added 2024/10/28 12:00 a.m. | 29 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2736)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 | AI score 9.9 | EPSS 0.41611
Exploits: 1 | References: 2