CVE-2024-26720

A vulnerability was found in the wbdirtylimits function in the Linux kernel memory management mm subsystem which can lead to a divide-by-zero error. This issue could lead to a potential kernel crash...

CVE-2024-26720

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-26720

Removed by vendor...

DEBIAN-CVE-2021-47159

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if -getssetcount fails If ds-ops-getssetcount fails then it "count" is a negative error code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative error code is type promoted to a very high value...

BUFFALO LinkStation 200 series vulnerable to arbitrary code execution

Overview LinkStation 200 series provided by BUFFALO INC. is a network attached storage NAS. LinkStation 200 series contains an arbitrary code execution vulnerability CWE-354, CVE-2023-51073 due to insufficient verification of data authenticity during firmware update. BUFFALO INC. reported this...

Fedora: Security Advisory for shim-unsigned-x64 (FEDORA-2024-2aa28a4cfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2024-2aa28a4cfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-11207 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue occurs when ds-ops-get sset count fails, resulting in a negative error code, such as -EOPNOTSUPP. Because i is an...

Arbitrary Code Execution

github.com/projectdiscovery/nuclei is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper validation of signed workflows within the parseWorkflowTemplate function in workflows.go, which allows the execution of unsigned code templates through workflows...

[SECURITY] Fedora 38 Update: shim-unsigned-x64-15.8-2

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

Cisco Unified IP Phones 7900 Series Unsigned Code Installation (CVE-2011-1637)

Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962. This plugin only works with Tenable.ot. Please visit...

CVE-2024-27920

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

CVE-2024-27920

The CVE covers projectdiscovery/nuclei where unsigned code templates could be executed via workflows in Nuclei v3. root cause: oversight in workflow execution that allows executing unsigned templates. Impact: local execution with high severity per listed metrics; effects are mitigation-dependent ...

CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

Nuclei allows unsigned code template execution through workflows

Overview A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This...

GHSA-W5WX-6G2R-R78Q Nuclei allows unsigned code template execution through workflows

Overview A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This...

CVE-2024-26540

A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...

PT-2024-22137

Name of the Vulnerable Software and Affected Versions Nuclei versions prior to 3.2.0 Description A significant security oversight was identified in Nuclei, involving the execution of unsigned code templates through workflows. This issue specifically affects users utilizing custom workflows,...

Nuclei Security Vulnerabilities

Nuclei is a customizable and fast vulnerability scanner based on YAML syntax templates. A security vulnerability exists in nuclei 3.0.0 and later, which stems from allowing the execution of unsigned code templates via a workflow, resulting in malicious code that can be executed on a user's system...