9426 matches found

Positive Technologies
added 2021/05/10 12:0 a.m. · 2 views

PT-2024-11092 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak has been identified in the Linux kernel's ACPI scan functionality. The issue arises when the acpi_device_set_name function fails, resulting in a potential memory leak if...

CVSS 5.5 · AI score 8.4 · EPSS 0.0003
Exploits 0 · References 28

OSV
added 2021/05/06 6:12 p.m. · 23 views

GHSA-85CP-P426-42F5 Prototype Pollution in deep-get-set

All versions of package deep-get-set prior to version 1.1.1 are vulnerable to Prototype Pollution via the main function...

CVSS 9.8 · AI score 9.3 · EPSS 0.00795
Exploits 1 · References 3

vulnersOsv
added 2021/05/06 6:12 p.m. · 1 view

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), @ngodn/apostrophe (>=2.94.2 <=2.94.7) +37 more potentially affected by CVE-2020-7715 via deep-get-set (=0.1.1)

deep-get-set NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on deep-get-set and may be impacted: - @draadnl/openstad-cms =0.12.2, =2.94.2, =1.3.0, =0.0.1, =0.5.235, =2.94.1, =0.5.0, =0.5.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =2.93.0,...

CVSS 9.8 · AI score 7.2 · EPSS 0.00795
Exploits 1

Github Security Blog
added 2021/05/06 6:12 p.m. · 57 views

Prototype Pollution in deep-get-set

All versions of package deep-get-set prior to version 1.1.1 are vulnerable to Prototype Pollution via the main function...

CVSS 9.8 · AI score 8.9 · EPSS 0.00795
Exploits 1 · References 4 · Affected Software 1

OSV
added 2021/05/06 6:12 p.m. · 0 views

GHSA-JH2M-J8PP-55RC Prototype Pollution in gedi

All versions of package gedi up to and including version 1.6.3 are vulnerable to Prototype Pollution via the set function...

CVSS 9.8 · AI score 5.8 · EPSS 0.00386
Exploits 1 · References 2

Github Security Blog
added 2021/05/06 6:12 p.m. · 44 views

Prototype Pollution in gedi

All versions of package gedi up to and including version 1.6.3 are vulnerable to Prototype Pollution via the set function...

CVSS 9.8 · AI score 9 · EPSS 0.00386
Exploits 1 · References 3 · Affected Software 1

OSV
added 2021/05/06 6:12 p.m. · 13 views

GHSA-FMRR-MX6J-H3H5 Prototype Pollution in confucious

All versions of package confucious up to and including version 0.0.12 are vulnerable to Prototype Pollution via the set function...

CVSS 9.8 · AI score 9.5 · EPSS 0.0041
Exploits 1 · References 2

OSV
added 2021/05/06 6:11 p.m. · 7 views

GHSA-RGFV-V3JH-7FFP Prototype Pollution in deeps

All versions of package deeps up to and including version 1.4.5 are vulnerable to Prototype Pollution via the set function...

CVSS 9.8 · AI score 7.2 · EPSS 0.00448
Exploits 1 · References 2

Github Security Blog
added 2021/05/06 6:11 p.m. · 41 views

Prototype Pollution in deeps

All versions of package deeps up to and including version 1.4.5 are vulnerable to Prototype Pollution via the set function...

CVSS 9.8 · AI score 9 · EPSS 0.00448
Exploits 1 · References 3 · Affected Software 1

Github Security Blog
added 2021/05/06 5:29 p.m. · 49 views

Prototype Pollution in irrelon-path and @irrelon/path

The package irrelon-path before 4.7.0; the package @irrelon/path before 4.7.0 are vulnerable to Prototype Pollution via the set, unSet, pushVal and pullVal functions...

CVSS 9.8 · AI score 8.9 · EPSS 0.01085
Exploits 1 · References 5 · Affected Software 2

OSV
added 2021/05/06 5:29 p.m. · 15 views

GHSA-J7CG-H9V9-6VQP Prototype Pollution in irrelon-path and @irrelon/path

The package irrelon-path before 4.7.0; the package @irrelon/path before 4.7.0 are vulnerable to Prototype Pollution via the set, unSet, pushVal and pullVal functions...

CVSS 9.8 · AI score 9.4 · EPSS 0.01085
Exploits 1 · References 5

Debian CVE
added 2021/05/05 3:6 p.m. · 28 views

CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not enabled by default...

CVSS 9.1 · AI score 9.2 · EPSS 0.00368
Exploits 0

Positive Technologies
added 2021/05/04 12:0 a.m. · 2 views

PT-2021-4065 · Neomutt +4 · Neomutt +4

Name of the Vulnerable Software and Affected Versions: Mutt versions 1.11.0 through 2.0.x before 2.0.7; NeoMutt versions 2019-10-25 through 2021-05-04. Description: The issue is related to incorrect handling of an IMAP sequence set that ends with a comma in the imap/util.c component of Mutt and...

CVSS 9.8 · AI score 6.5 · EPSS 0.1342
Exploits 3 · References 118

RedHat Linux
added 2021/05/03 8:15 a.m. · 2 views

bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...

CVSS 7.5 · AI score 6.7 · EPSS 0.02251
Exploits 0 · References 5

RedHat Linux
added 2021/05/03 7:12 a.m. · 1 view

bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...

CVSS 7.5 · AI score 6.7 · EPSS 0.02251
Exploits 0 · References 5

RedHat Linux
added 2021/05/03 6:18 a.m. · 2 views

bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...

CVSS 7.5 · AI score 6.7 · EPSS 0.02251
Exploits 0 · References 5

Positive Technologies
added 2021/04/30 12:0 a.m. · 4 views

PT-2024-11114 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the memory control and slab management in the Linux kernel. Specifically, it involves the use of obj_cgroup APIs to charge kmem pages. The problem arises when...

CVSS 8.8 · AI score 6.1 · EPSS 0.04499
Exploits 19 · References 212

Positive Technologies
added 2021/04/30 12:0 a.m. · 3 views

PT-2021-8032 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.18-53-default 1 SLE15-SP3. Description: The vulnerability is related to a double free of the blk_mq_tag_set in the device-mapper table for a request-based mapped device. When the allocation/initialization of...

CVSS 7.8 · AI score 7.2 · EPSS 0.00223
Exploits 8 · References 1086

Prion
added 2021/04/29 9:15 p.m. · 28 views

Code injection

Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on...

CVSS 6.8 · AI score 8.5 · EPSS 0.19687
Exploits 0 · References 4 · Affected Software 1

OSV
added 2021/04/29 4:15 p.m. · 3 views

CVE-2021-30233

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptvvlan parameter...

CVSS 9.8 · AI score 7.6 · EPSS 0.03192
Exploits 1 · References 3