CVE-2023-52677 riscv: Check if the code to patch lies in the exit section

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2023-52677 riscv: Check if the code to patch lies in the exit section

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

PT-2024-26747

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel's EFI stub, which calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stac...

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2024:2853 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

CVE-2024-27395

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called in the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period wil...

RHEL 5 : gdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code...

RHEL 6 : gdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code...

python3.11-cryptography security update

An update is available for python3.11-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-cryptography packages contain a Python Cryptograph...

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

SUSE: Security Advisory (SUSE-SU-2024:1462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

New Lawsuit Attempting to Make Adversarial Interoperability Legal

Lots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision--and an even more obscure typo. Read this...

CVE-2024-33753

Section Camera V2.5.5.3116-S50-SMA-B20160811 and earlier versions allow the accounts and passwords of administrators and users to be changed without authorization...

Section Camera 安全漏洞

Section Camera is a series of cameras from Section. A security vulnerability exists in Section Camera version V2.5.5.3116-S50-SMA-B20160811 and prior versions, which stems from a vulnerability that allows unauthorized changes to administrator and user accounts and passwords...

PT-2024-25465 · Unknown · Section Camera

Name of the Vulnerable Software and Affected Versions: Section Camera versions 2.5.5.3116-S50-SMA-B20160811 and earlier Description: The issue allows the accounts and passwords of administrators and users to be changed without authorization. Recommendations: For Section Camera versions...

SUSE CVE-2024-27053

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ 333 N...

CVE-2024-27053

A flaw was found in the Linux kernel's Wi-Fi hif.c driver, where RCU-protected data is accessed without correctly managing the required RCU read-side critical section. This can lead to synchronization issues, including race conditions and use-after-free errors when accessing this data. This...

CVE-2024-33423

Cross-Site Scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section...

CVE-2024-33423

Cross-Site Scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section...