PT-2024-26273 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.113 Description: The issue is related to Cross Site Scripting XSS and can be exploited via the sys data replace.php file. Recommendations: For DedeCMS version 5.7.113, at the moment, there is no information about a newer...

CVE-2024-4810

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. This CVE has been replaced by CVE-2024-36015...

SUSE CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

DEBIAN-CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-26944 btrfs: zoned: fix use-after-free in do_zone_finish()

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-26944

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in dozonefinish Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

CVE-2024-29958

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption...

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2024-1559)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the...

PT-2024-24361 · Kohya Ss · Kohya Ss

Name of the Vulnerable Software and Affected Versions: Kohya ss versions prior to 23.1.5 Description: Kohya ss is a GUI for Kohya's Stable Diffusion trainers. It is vulnerable to a path injection in the common gui.py find and replace function. Recommendations: For versions prior to 23.1.5, update...

SUSE CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

A vulnerability was found in the Linux kernel's btrfs filesystem related to the dev-replace feature. The issue stems from inadequate validation of device names. This flaw could allow an attacker unauthorized access or manipulation of devices, impacting the system's security. Mitigation Mitigation...

DEBIAN-CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

UBUNTU-CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791 btrfs: dev-replace: properly validate device names

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

CVE-2024-26791

CVE-2024-26791 — Linux kernel: btrfs dev-replace: properly validate device names. A syzbot report indicated device name buffers passed to device replace could read beyond end (getname_kernel) due to insufficient termination checks. The fix adds a helper that validates both source and target devic...

CVE-2024-3274 D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosure

UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation...

PT-2024-6465 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814...

PT-2024-6462 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 Description: A...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from btrfs dev-replace not properly validating device names, which could lead to out-of-bounds reads...