CVE-2024-58072 wifi: rtlwifi: remove unused check_buddy_priv

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused checkbuddypriv Commit 2461c7d60f9f "rtlwifi: Update header file" introduced a global list of private data structures. Later on, commit 26634c4b1868 "rtlwifi Modify existing bits to match vendor versio...

SUSE-SU-2024:1499-2 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

[SECURITY] Fedora 40 Update: maven-shared-utils-3.4.2-7.fc40

This project aims to be a functional replacement for plexus-utils in Maven. It is not a 100% API compatible replacement though but a replacement with improvements: lots of methods got cleaned up, generics got added and we dropp ed a lot of unused code...

Open redirect

Rejected reason: This is unused...

CVE-2023-21441

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q10, 3.1.21.10 in Android R11 and 3.5.2.23 in Android S12 allows local attacker to access protected files via unused code...

CVE-2023-21441

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q10, 3.1.21.10 in Android R11 and 3.5.2.23 in Android S12 allows local attacker to access protected files via unused code...

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

Design/Logic Flaw

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q10, 3.1.21.10 in Android R11 and 3.5.2.23 in Android S12 allows local attacker to access protected files via unused code...

Input validation

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

CVE-2021-21331

The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive...

DEBIAN-CVE-2017-17527

delphigui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code...

SUSE-SU-2017:1047-1 Security update for ntp

This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed bsc1030050: - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock -...

NTP.org 'ntpd' Multiple Denial-of-Service Vulnerabilities (Mar 2017)

NTP.org SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.810678";...

e107 2.1.2: SQL Injection through Object Injection

RIPS Analysis The e107 CMS consists of 317,356 lines of code and was analyzed in about 2 minutes. Many of the vulnerabilities found by RIPS are exploitable, despite a few exceptions. The main reason for this is that e107 contains a lot of unused code from previous releases and thus not all affect...