CVE-2024-36122 Discourse doesn't limit reviewable user serializer payload

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, moderators using the review queue to review users may see a users email address even when the Allow moderators to view email addresses settin...

PT-2024-26909 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.2.3 on the stable branch Discourse versions prior to 3.3.0.beta4 on the beta and tests-passed branches Description: The issue affects moderators using the review queue, allowing them to see a user's email address...

Discourse Security Breach

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email and chat room features. Discourse suffers from a security vulnerability that stems from the fact that moderators who review users using a moderation queue may be able to se...

kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

CVE-2024-35116

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335...

CVE-2024-31912

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894...

PT-2024-24279 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.3 LTS and 9.3 CD Description: The issue allows an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. Recommendations: For IBM MQ versions 9.3 LTS and 9.3 CD, a...

PT-2024-26343 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.3 LTS and 9.3 CD Description: A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

IBM MQ 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. An elevation of privilege vulnerability exists in IBM MQ, which can be exploited...

The vulnerability of the ReadTIFFImage() function in the ImageMagick console graphics editor allows a hacker to cause a service failure.

The vulnerability of the ReadTIFFImage function in the ImageMagick console graphics editor is related to buffer overflow in the queue. Exploiting this vulnerability could allow an attacker to cause a service failure...

IBM MQ 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A denial of service vulnerability exists in IBM MQ, which can be exploited by an...

IBM MQ 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A denial-of-service vulnerability exists in IBM MQ, which can be exploited by...

Astra Linux - уязвимость в linux-6.1

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flowerstatstimer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition...

Keep Your Tech Flame Alive: Trailblazer Mie Elmkvist Schneider

In this Akamai FLAME Trailblazer blog post, Mie Elmkvist Schneider from Queue-it describes the differences between being a manager and being a leader...

SUSE CVE-2024-37026

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with...

Malicious code in resque-stuck_queue (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6548 Malicious code in alephant_publisher-queue (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in alephant_publisher-queue (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in Be.Vlaanderen.Bаsisregisters.MessageHandling.AwsSqs.Sіmple (NuGet)

--- -= Per source details. Do not edit below this line.=-...