
682 matches found

OSV
added 2024/10/21 12:15 p.m. | 4 views

AZL-50891 CVE-2024-47701 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block device, it will lead to...

7.8 CVSS | 6.5 AI score | 0.00021 EPSS
Exploits 0 | References 1
OSV
added 2024/10/21 12:15 p.m. | 2 views

UBUNTU-CVE-2024-47701

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block device, it will lead to...

7.8 CVSS | 6.3 AI score | 0.00021 EPSS
Exploits 0 | References 52
CNNVD
added 2024/10/21 12:0 a.m. | 2 views

Linux kernel resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext4 file system that could lead to out-of-bounds access when the system.data extended attribute is...

7.8 CVSS | 6.7 AI score | 0.00021 EPSS
Exploits 0 | References 10
NCSC
added 2024/09/26 8:48 a.m. | 27 views

Vulnerabilities fixed in Apple macOS

Apple fixed vulnerabilities in macOS A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention of security measure - Access to sensitive data - Access to system data Fo...

10 CVSS | 7.8 AI score | 0.02949 EPSS
Exploits 5 | References 3
GitLab Advisory Database
added 2024/09/06 12:0 a.m. | 15 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used within a host where external...

8.6 CVSS | 8.4 AI score | 0.00089 EPSS
Exploits 0 | References 7
GitLab Advisory Database
added 2024/09/06 12:0 a.m. | 24 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used within a host where external...

8.6 CVSS | 8.4 AI score | 0.00089 EPSS
Exploits 0 | References 7
OSSF Malicious Packages
added 2024/08/22 10:25 p.m. | 3 views

Malicious code in tiktok-session-lite-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d743d2be81de51fd6992aaa1749e06583b3d36698e80bbd08466b2af022feeeb Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

6.9 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2024/08/22 10:25 p.m. | 2 views

Malicious code in ttat-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 171a49cab7c7b9f2c358c0e14882706dcd80cde089799698400155ee26240e80 Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

6.9 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2024/08/22 10:25 p.m. | 3 views

Malicious code in byted-rtc-robot-api-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69373c46b5c735a1890c7a3b601ef30c64493d656302703ceccd4d153e3dab11 Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

6.9 AI score
Exploits 0 | References 1
OSV
added 2024/08/22 10:25 p.m. | 2 views

MAL-2024-12353 Malicious code in subsys-counter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d5aa9a3a8888bf731b171ad413a70076df1eff7c362d520f6f3457057aa615f7 Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

6.8 AI score
Exploits 0 | References 1
OSV
added 2024/08/22 10:25 p.m. | 2 views

MAL-2024-12366 Malicious code in ttat-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 171a49cab7c7b9f2c358c0e14882706dcd80cde089799698400155ee26240e80 Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

6.8 AI score
Exploits 0 | References 1
BDU FSTEC
added 2024/07/25 12:0 a.m. | 1 view

The vulnerability of the microprogramming software for RUGGEDCOM ROS, related to the disclosure of system data by unauthorized parties in the controlled area, allows an intruder to disclose protected information.

The vulnerability of the microprogramming software of RUGGEDCOM ROS relates to the disclosure of system data within the controlled area. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

8.8 CVSS | 7.1 AI score | 0.00086 EPSS
Exploits 0 | References 2 | Affected Software 32
NCSC
added 2024/07/24 2:37 p.m. | 3 views

Vulnerability found in Ivanti Endpoint Manager

Ivanti has fixed vulnerabilities in Ivanti Endpoint Manager. Vulnerabilities have been fixed in Ivanti Endpoint Manager. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Remote code execution User rights Remote code execution...

9.8 CVSS | 7.8 AI score | 0.08158 EPSS
Exploits 0 | References 1
BDU FSTEC
added 2024/07/22 12:0 a.m. | 1 view

The vulnerability in the web client of IBM Datacap Navigator software for document collection and processing allows unauthorized individuals to access system data, enabling them to disclose protected information.

The vulnerability of the IBM Datacap Navigator software for document collection and processing lies in the fact that system data can be disclosed to unauthorized individuals. Exploiting this vulnerability allows a malicious actor to disclose protected information by sending specially crafted HTTP...

5.3 CVSS | 5.4 AI score | 0.00147 EPSS
Exploits 0 | References 3 | Affected Software 1
NCSC
added 2024/07/17 1:55 p.m. | 3 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution User righ...

9.8 CVSS | 8.2 AI score | 0.92745 EPSS
Exploits 7 | References 14
NCSC
added 2024/07/17 1:55 p.m. | 3 views

Vulnerabilities fixed in Oracle PeopleSoft

Vulnerabilities have been fixed in Oracle PeopleSoft. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Oracle has made updates...

6.4 CVSS | 7.1 AI score | 0.51662 EPSS
Exploits 5 | References 12
NCSC
added 2024/07/17 1:54 p.m. | 2 views

Vulnerabilities fixed in Oracle JD Edwards

Vulnerabilities have been fixed in Oracle JD Edwards. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Oracle has made updates availab...

7.5 CVSS | 7.5 AI score | 0.07763 EPSS
Exploits 1 | References 10
NCSC
added 2024/07/17 1:54 p.m. | 3 views

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Oracle has made updates availab...

8.2 CVSS | 7 AI score | 0.75933 EPSS
Exploits 1 | References 9
NCSC
added 2024/07/17 1:54 p.m. | 16 views

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution Us...

9.8 CVSS | 7.6 AI score | 0.89742 EPSS
Exploits 22 | References 32
NCSC
added 2024/07/17 1:53 p.m. | 5 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Access to sensitive data. Access to system data Manipulation of data Oracle has made updates available to fix the...

8.1 CVSS | 8.4 AI score | 0.00952 EPSS
Exploits 0 | References 12