
4527 matches found

OSV
added 2024/05/08 2:15 a.m. · 2 views

CVE-2024-1930

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...

CVSS 6.5 · AI score 5.8 · EPSS 0.00299
Exploits: 1 · References: 1
CNNVD
added 2024/05/03 12:0 a.m. · 4 views

D-Link D-View Security Vulnerability

D-Link D-View is a web-based design network device management software from China's D-Link Corporation. A security vulnerability exists in D-Link D-View, which originates from a TftpSendFileThread directory traversal information disclosure vulnerability...

CVSS 7.5 · AI score 7.4 · EPSS 0.8487
Exploits: 0 · References: 3
Positive Technologies
added 2024/05/03 12:0 a.m. · 4 views

PT-2024-3620

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A race condition in the Bluetooth subsystem of the Linux kernel leads to a use-after-free issue. When an SCO connection is established and the SCO socket is subsequently released, timeou...

CVSS 7.8 · AI score 6.7 · EPSS 0.00757
Exploits: 1
Cvelist
added 2024/05/01 1:0 p.m. · 20 views

CVE-2024-27060 thunderbolt: Fix NULL pointer dereference in tb_port_update_credits()

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits(). Olliver reported that his system crashes when plugging in Thunderbolt 1 device: BUG: kernel NULL pointer dereference, address: 0000000000000020 PF: supervisor read...

AI score 6.5 · EPSS 0.00225
Exploits: 0 · References: 3
NVD
added 2024/05/01 6:15 a.m. · 22 views

CVE-2024-27003

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary. Similar to the previous commit, we should make sure that all devices are runtime resumed before printing the clk_summary through debugfs. Failure to do so would result in a...

CVSS 5.5 · AI score 7.3 · EPSS 0.00173
Exploits: 0 · References: 7
Cvelist
added 2024/05/01 5:18 a.m. · 33 views

CVE-2024-26944 btrfs: zoned: fix use-after-free in do_zone_finish()

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish(). Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info device nullb1: scrub: finished on devid 1 with status: 0...

AI score 6.4 · EPSS 0.00227
Exploits: 0 · References: 2
RedHat Linux
added 2024/04/30 9:57 a.m. · 3 views

kernel: Linux kernel Bluetooth: Denial of Service via race condition in hidp_session_thread

A flaw was found in the Linux kernel's Bluetooth subsystem. A race condition in hidp_session_thread can lead to a use-after-free vulnerability. This occurs when a timer is active while its deletion function is called, causing memory to be accessed after it has been freed. A local attacker could...

AI score 5.6 · EPSS 0.00184
Exploits: 0 · References: 5
Positive Technologies
added 2024/04/29 12:0 a.m. · 7 views

PT-2024-25662 · Unknown · O-Ran E2T I-Release

Name of the Vulnerable Software and Affected Versions: O-RAN E2T I-Release affected versions not specified Description: The issue concerns the O-RAN E2T I-Release Prometheus metric Increment function, which can crash in sctpThread.cpp. This crash occurs when the Increment function is called for...

CVSS 7.5 · AI score 7 · EPSS 0.00515
Exploits: 0 · References: 3
Fedora
added 2024/04/19 9:43 p.m. · 32 views

[SECURITY] Fedora 40 Update: rust-1.77.2-1.fc40

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

CVSS 10 · AI score 7.3 · EPSS 0.20342
Exploits: 10
OSV
added 2024/04/16 10:15 p.m. · 8 views

CVE-2024-21102

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

CVSS 4.9 · AI score 4.8
Exploits: 0 · References: 3
OSV
added 2024/04/16 10:15 p.m. · 1 views

UBUNTU-CVE-2024-21102

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

CVSS 4.9 · AI score 5.8 · EPSS 0.01107
Exploits: 0 · References: 4
CVE
added 2024/04/16 9:26 p.m. · 345 views

CVE-2024-21102

CVE-2024-21102 affects Oracle MySQL Server (component: Server: Thread Pooling). Affected versions are 8.0.36 and earlier, and 8.3.0 and earlier. The description states an easily exploitable vulnerability that, with network access via multiple protocols and a high-privilege attacker, can lead to a...

CVSS 4.9 · AI score 5.7 · EPSS 0.01107
Exploits: 0 · References: 3 · Affected Software: 1
NVD
added 2024/04/16 8:15 p.m. · 22 views

CVE-2024-31446

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device ...

CVSS 7.7 · AI score 7.5 · EPSS 0.00604
Exploits: 0 · References: 2
RedHat Linux
added 2024/04/16 7:55 p.m. · 3 views

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

CVSS 7.5 · AI score 7.1 · EPSS 0.04572
Exploits: 0 · References: 4
RedHat Linux
added 2024/04/16 7:55 p.m. · 2 views

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

CVSS 7.5 · AI score 7.1 · EPSS 0.04572
Exploits: 0 · References: 4
RedHat Linux
added 2024/04/16 7:55 p.m. · 3 views

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

CVSS 7.5 · AI score 7.1 · EPSS 0.04572
Exploits: 0 · References: 4
Cvelist
added 2024/04/16 7:20 p.m. · 28 views

CVE-2024-31446 OpenComputers Denial of Service using xpcall

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device ...

CVSS 7.7 · AI score 7.7 · EPSS 0.00604
Exploits: 0 · References: 2
Positive Technologies
added 2024/04/16 12:0 a.m. · 4 views

PT-2024-3943 · Oracle +4 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.36 and prior MySQL Server versions 8.3.0 and prior Description: A vulnerability in the MySQL Server product of Oracle MySQL allows a high privileged attacker with network access via multiple protocols to compromise t...

CVSS 6.5 · AI score 4.9 · EPSS 0.01107
Exploits: 0 · References: 124
GithubExploit
added 2024/04/12 7:36 a.m. · 398 views

Exploit for Command Injection in Telesquare Tlr-2005Ksh_Firmware

Telesquare TLR-2005KSH RCE CVE-2024-29269 Batch scan/exploit...

CVSS 8.8 · AI score 9.5 · EPSS 0.05896
Exploits: 8
Fedora
added 2024/04/12 1:22 a.m. · 29 views

[SECURITY] Fedora 39 Update: rust-1.77.2-1.fc39

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

CVSS 10 · AI score 7.3 · EPSS 0.20342
Exploits: 10