CVE-2023-6143

CVE-2023-6143 describes a Use-After-Free race condition in ARM Mali GPU Kernel Drivers (Midgard: r13p0–r32p0; Bifrost: r1p0–r18p0; Valhall: r37p0–r46p0; Arm 5th Gen: r41p0–r46p0). A local non-privileged user can trigger improper memory processing under heavy load with carefully prepared memory, l...

BELL-CVE-2024-26615

Bulletin has no description...

CVE-2024-27355

An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service CPU consumption for decodeOID...

CVE-2021-47058

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfsname to NULL after it is freed There is a upstream commit cffa4b2122f5"regmap:debugfs: Fix a memory leak when calling regmapattachdev" that adds a if condition when create name for debugfsname. With below...

CVE-2021-46967

In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix vmflags for virtqueue doorbell mapping The virtqueue doorbell is usually implemented via registeres but we don't provide the necessary vma-flags like VMPFNMAP. This may cause several issues e.g when userspace trie...

DSR mode- Permanently High packet CPU Usage (100%) is seen in the Primary

Packet CPU usage remains consistently at 100% High Loopback traffic is observed on the node...

CVE-2024-26578

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

CVE-2023-6937

wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...

Authentication fails through Remote Power shell SDK

Authentication fails through Remote Power shell SDK whenupper case and lower case are present in the Customer ID...

BELL-CVE-2024-24806

Bulletin has no description...

BELL-CVE-2023-6780

Bulletin has no description...

GHSA-8XW6-9H78-C89J Ylianst MeshCentral Missing SSL Certificate Validation

Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation...

OSV-2024-38 Heap-buffer-overflow in json_HEADER

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66046 Crash type: Heap-buffer-overflow WRITE 2 Crash state: jsonHEADER dwgreadjson llvmfuzz.c...

PT-2024-7923

Name of the Vulnerable Software and Affected Versions braces versions prior to 3.0.3 Description The issue is related to uncontrolled resource consumption. If a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to allocate heap memory without...

error when importing new vdisk AN unexpected MAPI Error Occured

When trying to import vdisks into the PVS console, you may received an error. This occurs when it should be populating the list of disks available to import. The message is "An unexpected MAPI error occurred. Details: Index was outside the bounds of the array"...

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

Webcam redirection in double hop is not working

Webcam is not working anymore in a double hop scenario. If the first hop VDA is 1912CU3 webcam redirects fine. However if first hop VDA is CVAD 1912 CU8 VDA then webcam redirection fails. With https://webcamtests.com/ when clicking on "Test my cam" an error is seen. "Your webcam is being used or...

GHSA-G57V-2687-JX33 PaddlePaddle stack overflow in paddle.linalg.lu_unpack

Stack overflow in paddle.linalg.luunpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage...

MAL-2024-8 Malicious code in @authentication-pages/vue-cli-prebuild (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3c92ef13745278b15d59dfa706f96df5f1c3bb0261c9471d3e56eaa1449059e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV-2023-1377 UNKNOWN READ in FuzzedFileProvider::seek

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65417 Crash type: UNKNOWN READ Crash state: FuzzedFileProvider::seek IOdowrite IOfilecloseit...