Exploit for Integer Overflow or Wraparound in Microsoft

PoC exploit for CVE-2024-49113, a Windows Server vulnerability...

PT-2026-20439

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of sb-s fs info within the HFS filesystem code. A memory leak could occur during the superblock allocation process when...

PT-2025-34405

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where TDLS Tunnel Direct Link Setup operations were not properly rejected when a station was not associated. Specifically, a warning occurred in the...

PT-2025-52658

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the bmc150-accel-core.c file where the bmc150 accel set interrupt function is unconditionally called within the iio buffer setup ops, potentially...

CVE-2024-56800

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...

CVE-2024-53195

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Get rid of userspaceirqchipinuse Improper use of userspaceirqchipinuse led to syzbot hitting the following WARNON in kvmtimerupdateirq: WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/archtimer.c:459...

CVE-2024-56677

In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadumpcmainit to setuparch after initmeminit During early init CMAMINALIGNMENTBYTES can be PAGESIZE, since pageblockorder is still zero and it gets initialized later during initmeminit e.g. setuparch -...

UBUNTU-CVE-2024-56677

In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadumpcmainit to setuparch after initmeminit During early init CMAMINALIGNMENTBYTES can be PAGESIZE, since pageblockorder is still zero and it gets initialized later during initmeminit e.g. setuparch -...

SUSE CVE-2024-53217

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4processcbupdate @ses is initialized to NULL. If nfsd4findbackchannel finds no available backchannel session, setupcallbackclient will try to dereference @ses and segfault...

AZL-68220 CVE-2024-56641 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize closework early to avoid warning We encountered a warning that closework was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 flushwork+0x19e/0x1b0 Workqueue: events...

DEBIAN-CVE-2024-56583

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrateenable for boosted tasks When running the following command: while true; do stress-ng --cyclic 30 --timeout 30s --minimize --quiet done a warning is eventually triggered: WARNING: CPU: 43 PID...

UBUNTU-CVE-2024-53200

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in hwsssetupdpp This commit addresses a null pointer dereference issue in hwsssetupdpp. The issue could occur when pipectx-planestate is null. The fix adds a check to ensure...

UBUNTU-CVE-2024-53217

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4processcbupdate @ses is initialized to NULL. If nfsd4findbackchannel finds no available backchannel session, setupcallbackclient will try to dereference @ses and segfault...

CVE-2024-56543 wifi: ath12k: Skip Rx TID cleanup for self peer

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...

CVE-2024-53200 drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in hwsssetupdpp This commit addresses a null pointer dereference issue in hwsssetupdpp. The issue could occur when pipectx-planestate is null. The fix adds a check to ensure...

CVE-2024-53200

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in hwsssetupdpp This commit addresses a null pointer dereference issue in hwsssetupdpp. The issue could occur when pipectx-planestate is null. The fix adds a check to ensure...

SUSE CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

The vulnerability of the dwmac-rk component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the dwmac-rk component in the Linux operating system is related to errors in reading beyond the boundary in the rkgmacsetup function. Exploiting this vulnerability can allow an attacker to cause a service failure...

MAL-2024-12282 Malicious code in handyfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 381cd796d4e5fce8fb62c337374b5303e0b2466d67467efc95cbc4d7d8248dd4 During the installation, the package iterates its files and attempts to import a hidden module - which is embedded as ZIP archive in the image file --- Categor...

MAL-2024-12272 Malicious code in filecraft (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d0eec02526b659b5e856c211e05be1842dc283ed0b7d07dc90574ea5c7dc34a During the installation, the package iterates its files and attempts to import a hidden module - which is embedded as ZIP archive in the image file --- Categor...