6038 matches found
CVE-2024-35819
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgr_lock. smp_call_function always runs its callback in hard IRQ context, even on PREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock for cgr_lock to ensure we aren't waiting on...
CVE-2024-35819 soc: fsl: qbman: Use raw spinlock for cgr_lock
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgr_lock. smp_call_function always runs its callback in hard IRQ context, even on PREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock for cgr_lock to ensure we aren't waiting on...
Cross-Site Scripting (XSS)
Apache Airflow is vulnerable to Cross-Site Scripting (XSS). The vulnerability is caused by improper handling of user input, which allows an authenticated attacker to inject malicious JavaScript into the task instance logs...
HCL BigFix Platform security vulnerability
HCL BigFix Platform is an endpoint security management platform suite from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that stems from the...
PT-2024-19948
Name of the Vulnerable Software and Affected Versions: Client Deploy Tool (affected versions not specified). Description: An attacker could potentially intercept credentials via the task manager and perform unauthorized access to the Client Deploy Tool on Windows systems. Recommendations: At the moment...
CVE-2024-4843
ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege...
CVE-2024-4843
CVE-2024-4843 affects Trellix ePolicy Orchestrator (ePO). Publicly cited documents describe insecure direct object references that let a least-privileged user manipulate client tasks and client task assignments, enabling privilege escalation. The NVD/NVD-derived entries describe impact as insuffi...
Trellix ePolicy Orchestrator security vulnerability
Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the presence of an insecure direct object reference that allows a low-privileged user to manipulate clien...
CVE-2024-3968
OpenText iManager 3.2.6.0200 is affected by CVE-2024-3968, a Remote Code Execution vulnerability that can be triggered via a custom file upload task. The vulnerability is documented with high-severity scores (NVD CVSSv3.1: 9.8/CRITICAL; Community security note with 7.8/HIGH) and indicates an atta...
Apple and Google join forces to stop unwanted tracking
Apple and Google have announced an industry specification for Bluetooth tracking devices which help alert users to unwanted tracking. The specification, called Detecting Unwanted Location Trackers, will make it possible to alert users across both iOS and Android if a device is unknowingly being...
NetIQ iManager security vulnerability
NetIQ iManager is an advanced web-based management console from NetIQ UK. Customized, secure access to network management utilities and content can be provided from any location in the world. A security vulnerability exists in NetIQ iManager version 3.2.6.0200, which stems from the presence of...
The vulnerability of the `flush_all_cpus_locked()` function in the `mm/slub.c` module of the Linux kernel’s memory management subsystem allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the `flush_all_cpus_locked()` function in the `mm/slub.c` module of the Linux kernel’s memory management subsystem is related to the use of an incorrect queue for task execution. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...
GHSA-52GM-QMG3-R4QP Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...
CVE-2024-26238
Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability...
CVE-2024-26238 Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability
...