CVE-2023-23474

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403...

CVE-2023-23474 IBM Cognos Controller information disclosure

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403...

CVE-2023-23474

CVE-2023-23474 – IBM Cognos Controller information disclosure Affected versions: IBM Controller 10.4.1, 10.4.2, and 11.0.0 expose sensitive information when a stack trace is returned in the browser. Root cause (as described): returning stack traces from the web interface can reveal sensitive data...

CVE-2024-26868

In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4fflayoutprepareds fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0 RIP:...

CVE-2024-26868 nfs: fix panic when nfs4_ff_layout_prepare_ds() fails

In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4fflayoutprepareds fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0 RIP:...

CVE-2024-26868 nfs: fix panic when nfs4_ff_layout_prepare_ds() fails

In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4fflayoutprepareds fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0 RIP:...

CVE-2024-26794

...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26794

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742 scsi: smartpqi: Fix disable_managed_interrupts

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742 scsi: smartpqi: Fix disable_managed_interrupts

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26656 drm/amdgpu: fix use-after-free bug

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpugemuserptrioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung . For example the...

CVE-2021-47126

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6nhflushexceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...

fgr Vulnerable to Insecure Default Variable Initialization

Impact Any users whom would not desire a traceback to be included in their logs whenever an error is raised in their code will be affected. If users have inadvertently created a scenario in their code that could cause a traceback to include sensitive information and a malicious entity gained acce...

CVE-2024-28186 SMTP Mail Credentials Disclosed in Error Log in freescout

FreeScout is an open source help desk and shared inbox built with PHP. A vulnerability has been identified in the Free Scout Application, which exposes SMTP server credentials used by an organization in the application to users of the application. This issue arises from the application storing...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

Security Bulletin: IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. (CVE-2023-47152)

Summary IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. Vulnerability Details CVEID:CVE-2023-47152 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to an insecure...