Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. A security vulnerability exists in Nix 2.22.1 and earlier versions that stems from mishandling certain uses of the hash cache, making it easier for an attacker to replace current source code with...

PT-2024-26864 · Nix +1 · Nix +1

Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.22.1 Description: The issue makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request. This is due to the mishandli...

@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability

Impact XML External entity injections could be possible, when running the provided XML Validator on arbitrary input. POC js const Spec: Version , Validation: XmlValidator = require'@cyclonedx/cyclonedx-library'; const version = Version.v1dot5; const validator = new XmlValidatorversion; const inpu...

Access Control Bypass

github.com/pterodactyl/wings is vulnerable to Access Control Bypass. The vulnerability is due to improper access controls within the pull endpoint, allowing authenticated users to evade restrictions and potentially access resources on local networks...

Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull

Impact An authenticated user who has access to a game server is able to bypass the previously implemented access control https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This wou...

CVE-2024-34068 Server-side Request Forgery during remote file pull in Pterodactyl wings

Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...

CVE-2024-34068 Server-side Request Forgery during remote file pull in Pterodactyl wings

Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...

Arbitrary Code Execution

Mercurial is vulnerable to a Arbitrary Code Execution. The vulnerability is due to incorrect bound checks in the binary delta decoder which allows an attacker to execute arbitrary code via a clone, push, or pull command, related to either list sizing rounding error or short records...

SUSE CVE-2024-26931

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

CVE-2024-32962

xml-crypto is an xml digital signature and encryption library for Node.js. In affected versions the default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of the w3 xmldsig-core-20080610 spec. As such, without additional...

CVE-2024-32962 XML signature verification bypass due improper verification of signature / signature spoofing

xml-crypto is an xml digital signature and encryption library for Node.js. In affected versions the default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of the w3 xmldsig-core-20080610 spec. As such, without additional...

CVE-2024-32962 XML signature verification bypass due improper verification of signature / signature spoofing

xml-crypto is an xml digital signature and encryption library for Node.js. In affected versions the default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of the w3 xmldsig-core-20080610 spec. As such, without additional...

CVE-2024-26931

A flaw was found in the qla2xxx module in the Linux kernel. A NULL pointer dereference can be triggered when the system is under memory stress and the driver cannot allocate memory to handle the error recovery of cable pull, causing a system crash and a denial of service. Mitigation Mitigation fo...

CVE-2024-32973

Pluto (a Lua 5.4 superset) is affected in versions prior to 0.9.3. An attacker who can intercept network traffic can present a specially-crafted certificate to cause Pluto to trust the remote for a TLS session, degrading transport integrity in the HTTP library and socket.starttls. The issue is ad...

CVE-2024-32973 Remote for TLS session may be trusted despite constraints in Pluto lang

Pluto is a superset of Lua 5.4 with a focus on general-purpose programming. In affected versions an attacker with the ability to actively intercept network traffic would be able to use a specifically-crafted certificate to fool Pluto into trusting it to be the intended remote for the TLS session...

DEBIAN-CVE-2024-26931

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

CVE-2024-26931

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

UBUNTU-CVE-2024-26931

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

CVE-2024-26931 scsi: qla2xxx: Fix command flush on cable pull

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

CVE-2024-26931

CVE-2024-26931 affects the Linux kernel driver for SCSI over Fibre Channel (scsi: qla2xxx). The issue arises when memory pressure prevents a command flush during cable pull recovery, causing the upper SCSI layer to modify scsi_cmnd improperly. When memory is freed and a subsequent cable pull trig...