29016 matches found
CVE-2024-41047
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
Empowering WordPress Bug Bounty Hunters: Meet the New Wordfence Bug Bounty Program Researcher Dashboard
Today, we are very excited to announce the launch of our brand-new researcher dashboard for the Wordfence Bug Bounty Program! One frequent request we received from our researchers was to have a way to manage and track all their vulnerability submissions in a single location, and we’re delivering...
CVE-2024-40895
FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the...
CVE-2024-40895
FFRI AMC contains an OS command injection (CWE-78) vulnerability affecting versions 3.4.0–3.5.3 (and some OEM bundles) where, if the notification program setting is enabled and the executable path ends with a batch/command file, a remote unauthenticated attacker can execute arbitrary OS commands....
CVE-2024-40895
FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the...
AZL-54059 CVE-2024-42151 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpfdummystructops.test1 parameter as nullable Test case dummystops/dummyinitretvalue passes NULL as the first parameter of the test1 function. Mark this parameter as nullable to make verifier aware of such possibility...
DEBIAN-CVE-2024-42068
In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from setmemoryro into account with bpfproglockro setmemoryro can fail, leaving memory unprotected. Check its return and take it into account as an error...
AZL-47216 CVE-2024-42068 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from setmemoryro into account with bpfproglockro setmemoryro can fail, leaving memory unprotected. Check its return and take it into account as an error...
DEBIAN-CVE-2024-41047
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
CVE-2024-41047
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
UBUNTU-CVE-2024-41047
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
CVE-2024-41047 i40e: Fix XDP program unloading while removing the driver
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
CVE-2024-41047
CVE-2024-41047 affects the Linux kernel i40e driver handling of XDP programs during driver removal. The root cause was a PF state flag (__I40E_IN_REMOVE) intended to block XDP program changes, which proved insufficient when .ndo_bpf() was invoked outside rmmod context, risking a kernel warning wh...
CVE-2024-41047 i40e: Fix XDP program unloading while removing the driver
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
CVE-2024-41047 i40e: Fix XDP program unloading while removing the driver
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
roofingcompanymd.com Cross Site Scripting vulnerability OBB-3951216
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fysikoaerioellados.gr Cross Site Scripting vulnerability OBB-3951088
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
torah-box.net Cross Site Scripting vulnerability OBB-3951010
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nts.org.pk Cross Site Scripting vulnerability OBB-3950913
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bookbrowse.com Cross Site Scripting vulnerability OBB-3950914
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...