CVE-2024-7139 Denial of Service in Silicon Labs RS9116 Bluetooth SDK

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service. If a watchdog timer is not enabled, a hard reset is required to recover the device...

CVE-2024-7138 Denial of Service in Silicon Labs RS9116 Bluetooth SDK

An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device...

PT-2024-38105 · Silabs.Com · Rs9116 Bluetooth Sdk

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by an unchecked buffer length, allowing a specially crafted L2CAP packet to trigger a buffer overflow. This buffer overflow results ...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: Fixed possible corruption in nfc/llcp bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224 CVE-2024-50089:...

CVE-2024-50154

...

kernel: tcp: avoid too many retransmit packets

A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...

kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]

A flaw was found in the Linux kernel resulting from race conditions and a lack of synchronization in handling the delayed work timers in the devfreq component. This issue can lead to inconsistencies and a corruption of the timer list...

Oracle Linux 8 : kernel:4.18.0 (ELSA-2024-10281)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10281 advisory. - media: edia: dvbdev: fix a use-after-free Kate Hsuan RHEL-35763 CVE-2024-27043 - bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in...

CVE-2024-53743

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through = 1.3.6...

CVE-2024-53743 WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through = 1.3.6...

CVE-2024-53743

CVE-2024-53743 describes a stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Countdown Timer for Elementor (FlickDevs) affecting versions up to 1.3.6. The issue originates from improper neutralization of input during web page generation, enabling stored XSS. Public records indicate a...

CVE-2024-53743 WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through = 1.3.6...

WordPress plugin Countdown Timer for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-35852 · Flickdevs · Flickdevs Countdown Timer For Elementor

Name of the Vulnerable Software and Affected Versions: FlickDevs Countdown Timer for Elementor versions 1.3.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This enables attackers to injec...

OESA-2024-2495 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a...

WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Countdown Timer for Elementor versions = 1.3.6...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu/mes: fixed the use-after-free issue. Deleted the fence fallback timer to fix the ramdom use-after-free issue. v2: moved to amdgpumes.c...