Important: Red Hat Security Advisory: booth security update
An update for booth is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
SUSE CVE-2024-36013
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but it is ugly to return a...
CVE-2023-43555
Information disclosure in Video while parsing mp2 clip with invalid section length...
CVE-2023-43555 Buffer Over-read in Video
Information disclosure in Video while parsing mp2 clip with invalid section length...
CVE-2024-36962 net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from netif_rx(). The net_rx_action() could...
RHEL 6 : gdb (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gdb: Malformed section in an ELF binary or a core file can cause memory exhaustion (CVE-2017-9778) Note that Nessus h...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.14.6 Images security update
Red Hat OpenShift Virtualization release 4.14.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which giv...
Improper Access Control
silverstripe/framework is vulnerable to Improper Access Control. The vulnerability is due to missing canView checks when the report is actually viewed, allowing any report to be accessed if the URL is known and the user can access the Reports section of the CMS...
UBUNTU-CVE-2024-24686
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the parsing of commen...
CVE-2023-35953
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsibl...
CVE-2023-35952
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsibl...
CVE-2024-24685
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the parsing of commen...
GHSA-52CX-HPC5-CXWC silverstripe/framework missing ACL on reports
The SSReport and the reports CMS section only check canView when listing the reports that can be viewed by the current user. They do not, but should, perform canView checks when the report is actually viewed, so if you know the URL to a report and can otherwise access the Reports section of the...
PT-2024-40536 · Packagist · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A security issue allows a member with the EDIT_PERMISSIONS permission and access to the "Security" section to escalate their privileges to ADMIN level by re-assigning themselves or...
CVE-2021-47517 ethtool: do not perform operations on net devices being unregistered
In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be...
Important: Red Hat Security Advisory: .NET 7.0 security update
An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2023-52777
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. Mark...