[SECURITY] Fedora 40 Update: clojure-1.11.1-8.fc40
Clojure is a dynamic programming language that targets the Java Virtual Machine. It is designed to be a general-purpose language, combining the approachability and interactive development of a scripting language with an efficient and robust infrastructure for multithreaded programming. Clojure is...
[SECURITY] Fedora 40 Update: apache-commons-math-3.6.1-18.fc40
Commons Math is a library of lightweight, self-contained mathematics and statistics components addressing the most common problems not available in the Java programming language or Commons Lang...
[SECURITY] Fedora 40 Update: aopalliance-1.0-39.fc40
Aspect-Oriented Programming (AOP) offers a better solution to many problems than do existing technologies, such as EJB. AOP Alliance intends to facilitate and standardize the use of AOP to enhance existing middleware environments such as J2EE, or development environments (e.g. Eclipse). The AOP...
CVE-2024-28115
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...
CVE-2024-28115 Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...
FreeRTOS-Kernel Security Vulnerability
FreeRTOS-Kernel is a software application. The repository contains only FreeRTOS kernel source/header files and kernel ports. A security vulnerability exists in FreeRTOS-Kernel version 10.6.1 and prior versions, which stems from an inability to adequately prevent local privilege escalation via...
PT-2024-2621
Name of the Vulnerable Software and Affected Versions: net/http and net/http2 in Go (affected versions not specified). Description: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires...
Google Go Security Vulnerability
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc. A security vulnerability exists in Google Go that stems from the ParseAddressList function incorrectly handling comments in display names...
CVE-2023-52527 ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data(). Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE) happened previously) when appending to an IPv4 or IPv6...
PYSEC-2024-245
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk...
Moderate: Red Hat Security Advisory: go-toolset-1.19-golang security update
An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Cisco Nexus 3000 Series Switches Security Vulnerability
The Cisco Nexus 3000 Series Switches is a 3000 series switch from Cisco. A security vulnerability exists in the Cisco Nexus 3000 and 9000 Series Switches that arises from incorrect hardware programming when making configuration changes to ports...
Ruby Programming Language Installed (macOS)
Binary data rubymacosinstalled.nbin...
WordPress Plugin Passster Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...
ATSUMI Electric OET-213H-BTS1 Security Vulnerability
The ATSUMI Electric OET-213H-BTS1 is a temperature detection device from ATSUMI Electric. ATSUMI Electric OET-213H-BTS1 suffers from a security vulnerability that originates from allowing an unauthenticated attacker to execute the API...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 8.1.x through 8.1.9 and prior, 9.2.x through 9.2.5 and prior, 9.3.0, and 9.4.x through 9.4.2, which stems from a failure to limit the number of ro...
CVE-2024-20291
Cisco Nexus 3000/9000 NX-OS (standalone mode) contain a vulnerability in ACL programming for port-channel subinterfaces. Incorrect hardware programming during port-channel member port configuration can allow an unauthenticated, remote attacker to send traffic that should be blocked by the ACL on ...
CVE-2024-20291
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is...