CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

DEBIAN-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

AZL-54939 CVE-2024-53145 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

AZL-54960 CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

UBUNTU-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-53145 um: Fix potential integer overflow during physmem setup

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-53145

CVE-2024-53145 – Linux kernel integer overflow in physmem setup : The vulnerability occurs when the real map size is greater than LONG_MAX, which can be triggered on UML/i386, leading to an overflow during physical memory (physmem) setup. The connected Astra Linux security bulletin mirrors the Li...

CVE-2024-53145 um: Fix potential integer overflow during physmem setup

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-53240 xen/netfront: fix crash when removing device

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

CVE-2024-53240

The CVE-2024-53240 entry refers to a Xen netfront crash in the Linux kernel. The issue occurs when removing a netfront device directly after a suspend/resume cycle, where queues may not be reinitialized and a crash can happen when stopping them. The fix is to check that the queues exist before st...

CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

Exploit for Cross-site Scripting in Melapress Wp_Activity_Log

CVE-2024-10793 PoC Set this lines to your hosts file:...

Malicious code in setup-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3cd9285f7d743a645d9b4834df4d7f61b6cc9bd314cf339252e7458d0f61244 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12039 Malicious code in setup-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3cd9285f7d743a645d9b4834df4d7f61b6cc9bd314cf339252e7458d0f61244 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2024-35708 · Unknown · Home-Gallery.Org

Name of the Vulnerable Software and Affected Versions: Home-Gallery.org versions 1.15.0 and earlier Description: The default setup of Home-Gallery.org is vulnerable to DNS rebinding due to the lack of TLS and user authentication. An attacker can exploit this by changing the DNS records of their...

The vulnerability of the gst_parse_vorbis_setup_packet function in the Gstreamer multimedia framework allows a hacker to cause a service failure.

The vulnerability of the gstparsevorbissetuppacket function in the Gstreamer multimedia framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

IBM MQ 代码问题漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM MQ versions 8.1.0 through 8.1.0.25, which stems from...

BIT-NODE-MIN-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

Malicious code in zip-me (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ae48b0e5e3d93cee49e83f0bfa47a43f02ede60914545d0d82204c6664fde6f During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...