673 matches found
PT-2024-14751 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A fix has been applied to the Linux kernel to resolve an array out-of-bound access issue in the syscall_tp_user component of the bpf samples. Recommendations: At the moment, there is n...
UBUNTU-CVE-2024-35925
In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum(). The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux Verification Center...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the expression dst->nr_samples + src->nr_samples may have a value of zero upon overflow...
DEBIAN-CVE-2023-50007
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the libavutil/samplefmt.c:260:9 component...
UBUNTU-CVE-2023-50007
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the libavutil/samplefmt.c:260:9 component...
Change Healthcare Faces Another Ransomware Threat—and It Looks Credible
Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data...
DEBIAN-CVE-2024-30916
An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component...
CVE-2024-30915
An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a local attacker to cause a denial of service and obtain sensitive information via the max_samples parameter within the DataReaderQoS component...
The vulnerability of the `flush_ref_samples()` function in the file `/gpac/src/isomedia/movie_fragments.c` of the multimedia platform GPAC allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the `flush_ref_samples()` function in the file `/gpac/src/isomedia/movie_fragments.c` of the multimedia platform GPAC is related to the incorrect use of dynamic memory during program execution. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
OESA-2024-1217 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, Academy Software Foundati...
CVE-2024-24148
creationtimestamp | type | source
---|---|---
2024-02-28 21:26:56+00:00 | seen | https://t.me/ctinow/195878
2024-02-28 21:27:06+00:00 | seen | https://t.me/ctinow/195888
...
CVE-2024-24564
creationtimestamp | type | source
---|---|---
2024-02-26 18:36:30+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-4hwq-4cpm-8vmx
2024-02-26 21:26:20+00:00 | seen | https://t.me/ctinow/193769
2024-02-26 21:31:45+00:00 | seen | https://t.me/ctinow/193776
...
CVE-2024-1590
creationtimestamp | type | source
---|---|---
2024-02-23 11:26:24+00:00 | seen | https://t.me/ctinow/191652
2024-02-23 11:26:27+00:00 | seen | https://t.me/ctinow/191655
2024-03-13 16:41:41+00:00 | seen | https://t.me/ctinow/206873
...
CVE-2024-26578
creationtimestamp | type | source
---|---|---
2024-02-22 11:26:55+00:00 | seen | https://t.me/ctinow/190634
2024-02-22 11:27:02+00:00 | seen | https://t.me/ctinow/190640
...
CVE-2023-52427
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. NOTE: the vendor's position is that the product is not designed to handle a max_samples value that is too large for the amount of memory on the system...
PT-2024-14585 · Opendds · Opendds
Name of the Vulnerable Software and Affected Versions: OpenDDS versions through 3.27. Description: The issue arises when a DataWriter is used with a large value of resource_limits.max_samples, leading to a segmentation fault. The vendor's stance is that the product is not designed to handle max...
GHSA-MW2C-VX6J-MG76 CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
Affected packages: The vulnerability has been discovered in the samples that use the preview feature: samples/old//.html, plugins/plugin name/samples//.html. All integrators that use these samples in the production code can be affected. Impact: A potential vulnerability has been discovered in one of...
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
Affected packages: The vulnerability has been discovered in the samples that use the preview feature: samples/old//.html, plugins/plugin name/samples//.html. All integrators that use these samples in the production code can be affected. Impact: A potential vulnerability has been discovered in one of...
DEBIAN-CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...