38 matches found
Information Exposure
Overview: mineadmin/mineadmin is a "Quickly build a background management system for web applications" package. Affected versions of this package are vulnerable to Information Exposure via the getFileInfoById function. An attacker can access sensitive information by manipulating the ID argument remotely...
EUVD-2024-47531
Malicious code in bioql PyPI...
EUVD-2023-35507
Malicious code in bioql PyPI...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
kernel: mptcp: pm: only decrement add_addr_accepted for MPJ req
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req. Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepted == 0) ... before decrementing the add_addr_accepted counter helped to find a bug when running the "remove single...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-52876
The CVE-2024-52876 entry pertains to Holy Stone Remote ID Module HSRID01 (firmware distributed with Drone Go2 before version 1.1.8). The issue allows unauthenticated remote power-off actions in broadcast mode via multiple read operations on the ASTM Remote ID (0xFFFA) GATT. Affected firmware vers...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
AZL-49197 CVE-2024-45009 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req. Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepted == 0) ... before decrementing the add_addr_accepted counter helped to find a bug when running the "remove single...
UBUNTU-CVE-2024-45009
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req. Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepted == 0) ... before decrementing the add_addr_accepted counter helped to find a bug when running the "remove single...
Mattermost Security Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from an inability to validate the origin of synchronization messages and allows only the correct RemoteId, which allows a malicious remote user ...
PT-2024-28470 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.5; Mattermost versions 9.6.x through 9.6.2; Mattermost versions 9.7.x through 9.7.4; Mattermost version 9.8.0. Description: The issue allows attackers to specify both a remoteId and the post ID, resulting in...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from the system's failure to prevent users from specifying a RemoteId for their posts, allowing an attacker to create posts with a user-defined...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from the inability to prevent the specification of a RemoteId when creating a new user, allowing an attacker to specify both a RemoteId and a us...
SUSE CVE-2024-27404
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id. Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations...
DEBIAN-CVE-2024-27404
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id. Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations...
UBUNTU-CVE-2024-27404
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id. Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from data contention on remoteid...
CVE-2023-29156
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, at the right times, spoofed Open Drone ID (ODID) messages which force the DroneScout ds230 Remote ID...