CVE-2024-33687

CVE-2024-33687 concerns Omron NJ/NX series CPU units (all versions) with an insufficient verification of data authenticity (CWE-345). The issue allows altered user programs to potentially go undetected. Root cause is improper verification of data authenticity in affected devices. Impact notes fro...

poderjudicialqro.gob.mx Cross Site Scripting vulnerability OBB-3938340

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

shop.davidbowie.com Cross Site Scripting vulnerability OBB-3938238

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

phoneky.co.uk Cross Site Scripting vulnerability OBB-3938204

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2024-27029 · Faronics · Winselect

Name of the Vulnerable Software and Affected Versions: Faronics WINSelect Standard + Enterprise affected versions not specified Description: The application saves its configuration in an encrypted file on the file system, which "Everyone" has read and write access to. The paths to the configurati...

HackerOne: Reports submitted by a non 2fa setupped user account can be transferred to a 2fa require submission program

Vulnerability description not provided...

coolhouseplans.com Cross Site Scripting vulnerability OBB-3937495

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

nsmbl.nl Cross Site Scripting vulnerability OBB-3937421

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

CVE-2024-38662

CVE-2024-38662 affects the Linux kernel (BPF) where deletion from sockmap/sockhash is allowed only if the program was previously allowed to update that map. The issue arises when a BPF program attached to a tracepoint performs map_delete on these maps, triggering a locking-rule violation. The ver...

CVE-2024-38626

In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...

skladsardoc.it Cross Site Scripting vulnerability OBB-3937324

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-38626 fuse: clear FR_SENT when re-adding requests into pending list

In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...

CVE-2024-38626 fuse: clear FR_SENT when re-adding requests into pending list

In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...

hri105.co.jp Cross Site Scripting vulnerability OBB-3937203

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

irbis.vegu.ru Cross Site Scripting vulnerability OBB-3937078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-5746

A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with the Site Administrator role to gain arbitrary code execution capability on the GitHub Enterprise Server instance. Exploitation required authenticated access to GitHub Enterprise...