CVE-2024-26678
In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...
PT-2024-21455 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the x86/efistub in the Linux kernel, where the .compat section, a dummy PE section containing the address of the 32-bit entrypoint of the 64-bit kernel image, i...
Moderate: Red Hat Security Advisory: logging for Red Hat OpenShift security update
An update is now available for RHOL-5.8-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2023-52623
CVE-2023-52623 is a Linux kernel vulnerability related to SUNRPC where a suspicious RCU usage warning was observed: the RCU-list was traversed in a non-reader section in net/sunrpc/xprtmultipath.c:349. The connected Astra Linux and other advisories confirm this CVE and describe the fix as address...
Important: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (CVE-2024-22019); nodejs: vulnerable to timing variant of...
KLA65243 PE vulnerability in Microsoft Apps
An elevation of privilege vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories: CVE-2024-28916. Exploitation: Malware exists for this vulnerability. Usually such malware is classified as Exploit. Related...
ALSA-2024:1435 Important: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE (CVE-2024-1597)...
Important: Red Hat Security Advisory: ovn23.03 security update
An update for ovn23.03 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
CVE-2024-26639
A vulnerability was found in the mm, kmsan (Kernel Memory Sanitizer) component of the Linux kernel, causing infinite recursion due to an RCU (Read-Copy Update) critical section when accessing memory metadata. This recursion leads to system instability and DoS. Mitigation: Red Hat has investigated whethe...
CVE-2024-26639
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-26639
CVE-2024-26639 entry is rejected/not used and does not represent an active vulnerability entry.
Sinking Section 702 Wiretap Program Offered One Last Lifeboat
For months, US lawmakers have examined every side of a historic surveillance debate. With the introduction of the SAFE Act, all that’s left to do now is vote...
RiteCMS Cross-Site Scripting Vulnerability (CNVD-2025-21552)
RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the component mainmenu/editsection, which can be exploited by an attacker to...
SUSE SLES12 Security Update : zabbix (SUSE-SU-2024:0862-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0862-1 advisory. - The cause of vulnerability is improper validation of form input field Name on Graph page in Items section. (CVE-2024-22119) Note that Nessus...
SUSE CVE-2023-52489
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage. The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL]...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
RiteCMS Cross-Site Scripting Vulnerability
RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the component mainmenu/editsection, which can be exploited by an attacker to...
CVE-2023-52489
A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. Thi...