GO-2024-2694 Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go

Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go...

The vulnerability of the l2cap_chan_timeout() function in the Linux kernel’s Bluetooth subsystem allows a hacker to trigger a service failure.

The vulnerability of the l2capchantimeout function in the net/bluetooth/l2capcore.c module of the Linux kernel’s Bluetooth subsystem is related to the swapping of the zero pointer due to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause...

DEBIAN-CVE-2024-35811

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following invoking chain to star...

UBUNTU-CVE-2024-35811

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following invoking chain to star...

CVE-2024-35811 wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following invoking chain to star...

CVE-2024-35811

In Astra Linux advisories, the brcm80211 component of the Linux kernel (brcmfmac) is affected by a use-after-free in brcmf_cfg80211_detach when a USB disconnect occurs (hotplug). The vulnerability stems from the cfg80211 detach path where a timer and its worker may still run after cfg is freed (c...

PT-2024-21891 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue has been identified around sysctl netrom transport timeout in the netrom component of the Linux kernel. Recommendations: At the moment, there is no information about ...

Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin Privileges Required)

Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote registry service to query the HKEYUSERS registry hive on the remote computers. It identifies and extracts Security Identifiers SIDs associated with active...

Subhunter - A Fast Subdomain Takeover Tool

Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain to a website that performs malicious activities, such as phishing campaigns, stealing user cookies, etc. It occurs when...

F5 Networks BIG-IP : BIG-IP SSL vulnerability (K000138912)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138912 advisory. - When an SSL profile with alert timeout is configured with a non-default value on a virtual server,...

CVE-2024-27399

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

CVE-2024-27397

A use-after-free flaw was found in the Linux kernel’s netfilter subsystem in how a user triggers the element timeout. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation In order to trigger the issue, it requires the ability to create user/net...

CVE-2024-32354

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

CVE-2024-32354

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

CVE-2024-32354

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

AZL-40546 CVE-2024-27397 affecting package hyperv-daemons for versions less than 6.6.56.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

DEBIAN-CVE-2024-27399

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

DEBIAN-CVE-2024-27397

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

DEBIAN-CVE-2024-27398

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by scosocktimeout When the sco connection is established and then, the sco socket is releasing, timeoutwork will be scheduled to judge whether the sco disconnection is timeout. The sock...

CVE-2024-27397

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...