6037 matches found
CVE-2024-28613
SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the taskid parameter of the task-details.php, and edit-task.php component...
CVE-2024-28613
CVE-2024-28613 describes an SQL Injection vulnerability in PHP Task Management System v1.0. The flaw allows a remote attacker to escalate privileges and access sensitive information through the task_id parameter used by task-details.php and edit-task.php. Public references in the initial and conn...
CVE-2024-28613
SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the taskid parameter of the task-details.php, and edit-task.php component...
PHP Task Management System SQL注入漏洞
SourceCodester Task Management System is a task management system. A SQL injection vulnerability exists in PHP Task Management System version v.1.0, which could allow remote attackers to escalate privileges and obtain sensitive information via the taskid parameter of the task-details.php and...
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control C2 server IP...
SUSE CVE-2024-26842
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix shift issue in ufshcdclearcmd When tasktag = 32 in MCQ mode and sizeofunsigned int == 4, 1U Workqueue: ufsehwq0 ufshcderrhandler Call trace: dumpbacktrace+0xf8/0x144 showstack+0x18/0x24 dumpstacklvl+0x78/0x9c...
SUSE CVE-2024-26845
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...
SUSE CVE-2024-26873
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: 4613.652388...
CVE-2024-26890
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KASAN. btrtl driver uses private hci data to store 'struct btrealtekdata'. If btrtl driver is used with btusb, then memory for private hci data is...
CVE-2024-26875
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2contextsetnotify Syzbot reported BUG: KASAN: slab-use-after-free in pvr2contextsetnotify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35 Read of size 4 at addr ffff888113aeb0d8 by task...
UBUNTU-CVE-2024-26873
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: 4613.652388...
CVE-2024-26892 wifi: mt76: mt7921e: fix use-after-free in free_irq()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in freeirq From commit a304e1b82808 "PATCH Debug shared irqs", there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration. For th...
CVE-2024-26875 media: pvrusb2: fix uaf in pvr2_context_set_notify
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2contextsetnotify Syzbot reported BUG: KASAN: slab-use-after-free in pvr2contextsetnotify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35 Read of size 4 at addr ffff888113aeb0d8 by task...
CVE-2024-26873 scsi: hisi_sas: Fix a deadlock issue related to automatic dump
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: 4613.652388...
CVE-2024-26873 scsi: hisi_sas: Fix a deadlock issue related to automatic dump
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: 4613.652388...
CVE-2024-26862 packet: annotate data-races around ignore_outgoing
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignoreoutgoing ignoreoutgoing is read locklessly from devqueuexmitnit and packetgetsockopt Add appropriate READONCE/WRITEONCE annotations. syzbot reported: BUG: KCSAN: data-race in devqueuexmitn...
CVE-2024-26859 net/bnx2x: Prevent access to a freed page in page_pool
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in pagepool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a race condition when...
CVE-2024-26852 net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify syzbot found another use-after-free in ip6routempathnotify 1 Commit f7225172f25a "net/ipv6: prevent use after free in ip6routempathnotify" was not able to fix the root cause. We...
DEBIAN-CVE-2024-26845
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...
UBUNTU-CVE-2024-26845
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...