DEBIAN-CVE-2024-43875

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpciscanbus Smatch complains about inconsistent NULL checking in vpciscanbus: drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpciscanbus error: we previously assumed 'vpcibus' could b...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error handling issue in the PCI component in vpciscanbus...

TruffleHog 安全漏洞

TruffleHog is an open source tool from Truffle Security. A security vulnerability exists in versions of TruffleHog prior to v3.81.9. An attacker uses the vulnerability to somehow produce data that, when scanned by a specific detector, sends an unauthorized request to an endpoint of the attacker's...

CVE-2024-42316

CVE-2024-42316 : Linux kernel fix for div-by-zero in vmpressure_calc_level() within mm/mglru evictions. The issue arose in the second pass of evict_folios(), where deducting scan_control->nr_scanned could underflow nr_scanned if folio_trylock() failed, causing the divisor scale = scanned + rec...

We’re making it easier for you to protect your identity

Things have changed in cybersecurity. Gone are the days when our only worry was downloading a virus. Now, 71% of people say having their data leaked and identity stolen is one of their biggest fears about being online. Sadly, they’re right to be concerned: Fraud losses hit $10 billion in 2023 up...

Fedora 39 : xrdp (2024-41c1bf8de6)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-41c1bf8de6 advisory. Release notes for xrdp v0.10.1 2024/07/31 General announcements A clipboard bugfix included in this release is sponsored by Krmer Pferdesport GmbH & Co KG. W...

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

kernel: wifi: rtw89: fix null pointer access when abort scan

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan The Linux kernel CVE team has assigned CVE-2024-35946 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T...

kernel: wifi: rtw89: fix null pointer access when abort scan

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan The Linux kernel CVE team has assigned CVE-2024-35946 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T...

Exploit for Incorrect Authorization in Apache Ofbiz

CVE-2024-38856 For Ethical Usage only, Any harmful or malicio...

Fedora 40 : orc (2024-c7bb042d5b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c7bb042d5b advisory. Update to 0.4.39 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Exploit for CVE-2023-4596

CVE-2024-6387-OpenSSH-Multi-Checker The CVE-2024-6387-checke...

SUSE CVE-2024-42125

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid...

CBL Mariner 2.0 Security Update: python3 (CVE-2024-0397)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0397 advisory. - A defect was discovered in the Python ssl module where there is a memory race condition with the...

CVE-2024-33015

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...

CVE-2024-33015

CVE-2024-33015 describes a transient DoS in the WLAN host stack during parsing of a SCAN RNR Information Element. Root cause: when bytes from the AP cause the size of the last IE parameter to be smaller than the neighboring report, a DoS can occur. Documented references indicate this affects Qual...

CVE-2024-33015 Buffer Over-read in WLAN Host

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...

CVE-2024-33015 Buffer Over-read in WLAN Host

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...

CVE-2024-21467

CVE-2024-21467 is a WLAN information-disclosure issue arising from how beacon probe frames are processed during scan entry generation on the client side. Affected component: Qualcomm WLAN/host stack; root cause: out-of-bounds beacon probe frame handling leading to information disclosure with pote...

CVE-2024-21467 Buffer Over-read in WLAN Host Communication

Information disclosure while handling beacon probe frame during scan entry generation in client side...