423 matches found
CVE-2024-56750 erofs: fix blksize < PAGE_SIZE for file-backed mounts
In the Linux kernel, the following vulnerability has been resolved: erofs: fix blksize sblocksize,bits directly for file-backed mounts when the fs block size is smaller than PAGESIZE. Previously, EROFS used sbsetblocksize, which caused a panic if bdev-backed mounts is not used...
Malicious code in safeness-sb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d558c870d1afa6f183ac52e8fe21ea328ac4e688f64dd389d3a1b4e98f0a93f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11155 Malicious code in safeness-sb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d558c870d1afa6f183ac52e8fe21ea328ac4e688f64dd389d3a1b4e98f0a93f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
KLA77143 Multiple vulnerabilities in PostgreSQL
Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability can be exploited remotely to gain...
KLA77108 ACE vulnerability in Microsoft System Center
A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2024-5535 Related products Microsoft-System-Center-Virtual-Machine-Manager...
KLA77062 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Inappropriate implementation vulnerability in Blink can be...
CVE-2024-47691 f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fsstopgcthread syzbot reports a f2fs bug as below: dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x241/0x360 lib/dumpstack.c:114 printreport+0xe8/0x550 mm/kasan/report.c:491...
CVE-2024-48029
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hung Trang Si SB Random Posts Widget sb-random-posts-widget allows PHP Local File Inclusion.This issue affects SB Random Posts Widget: from n/a through = 1.0...
CVE-2024-48029
CVE-2024-48029 affects the WordPress SB Random Posts Widget. The vulnerability is an improper control of the filename for include/require statements in PHP (PHP Remote File Inclusion) that enables Local File Inclusion via the SB Random Posts Widget
KLA74035 Multiple vulnerabilities in Oracle Java
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Validation of untrusted input vulnerability can be exploited...
WordPress SB Random Posts Widget plugin <= 1.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin SB Random Posts Widget versions = 1.0...
WordPress SB Random Posts Widget Plugin <= 1.0 is vulnerable to Local File Inclusion
Software SB Random Posts Widget Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-48029 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 4e7fd324ea44 Credits João Pedro S Alcântara Kinorth Required...
KLA73437 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be...
md/md-bitmap: fix incorrect usage for sb_index
...
KLA73124 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1...
KLA73182 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1...
Important: Red Hat Security Advisory: linux-firmware security update
An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
SUSE CVE-2022-48869
In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the gadgetfs filesyste...
Unbreakable Enterprise kernel security update
4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...
KLA71071 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebTransport can be exploited to cause denial of...