PT-2024-3879 · Automationdirect · Automationdirect P3-550E

Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality. Specially crafted network packets can lead to heap-based memory...

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python27:2.7 security update

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: perl:5.32 security update

An update for the perl:5.32 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python39:3.9 and python39-devel:3.9 security update

An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ALSA-2024:3128 Moderate: perl:5.32 security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Write past buffer end via illegal user-defined Unicode property CVE-2023-47038 For more details about the security issues, including the impact, a CVSS...

Moderate: perl:5.32 security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Write past buffer end via illegal user-defined Unicode property CVE-2023-47038 For more details about the security issues, including the impact, a CVSS...

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2023-52854

In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padatafreeshell In a high-load arm64 environment, the pcryptaead01 test in LTP can lead to system UAF Use-After-Free issues. Due to the lengthy analysis of the pcryptaead01 function call, I'll...

CVE-2021-47303

In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling mappoketrack, but on program release there is no hook to call mappokeuntrack. However, on program release, the aux memory and poke...

Important: Red Hat Security Advisory: go-toolset-1.19-golang security update

An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2024-32735

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application...

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

PT-2024-24114 · Hewlett Packard +1 · Aos-8 Instant/Aos-10 Ap +4

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these...

Cyber Power Systems PowerPanel Enterprise 安全漏洞

Cyber Power Systems PowerPanel Enterprise is a software program from Cyber Power Systems designed to provide real-time PUE, PUE trends, and total energy usage trends. A security vulnerability previously existed in Cyber Power Systems PowerPanel Enterprise v2.8.3, which stemmed from an...

PT-2024-24113 · Hewlett Packard +1 · Aos-8 Instant/Aos-10 Ap +4

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these...

Directus 信息泄露漏洞

Directus is a real-time Api and application dashboard. It is used to manage Sql database content. An information disclosure vulnerability exists in Directus versions prior to 10.11.0 that stems from the ability to edit data extracts on the API...

CVE-2024-4068

The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating...

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3167 Improper handling of data in Mail CWE-231 - CVE-2024-31397 CyVDB-3221 Improper restriction on the output of some API CWE-201 - CVE-2024-31398 CyVDB-3238 Excessive resource consumption in Mai...

SUSE-SU-2024:1587-1 Security update for go1.22

This update for go1.22 fixes the following issues: Update to go1.22.3: - CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin bsc1224017 - CVE-2024-24788: net: high cpu usage in extractExtendedRCode bsc1224018 - cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64...