Malicious code in pt-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce4c091ee99f34bd672788b16dab6db4b2d09b61bf4a01116168d840902586c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9245 Malicious code in pt-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce4c091ee99f34bd672788b16dab6db4b2d09b61bf4a01116168d840902586c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-47663

Technical details about CVE-2024-47663 are not provided in the supplied documents. The entries summarize a kernel fix in ad9834 frequency handling but do not include vendor/product specifics or patch details. Monitor for updates.

CVE-2024-21533

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize for user input or validate a given URL scheme, nor does it properly pass command-line...

SUSE CVE-2024-46802

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access How check if dc and stream are NULL...

DEBIAN-CVE-2024-46814

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msgid before processing transcation WHY & HOW HDCPMESSAGEIDINVALID -1 is not a valid msgid nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN issues reported by Coverity...

DEBIAN-CVE-2024-46802

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access How check if dc and stream are NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking that dc and stream are NULL before executing the dcvalidatestream function.No details of the...

PT-2024-32329 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.1 Description: The issue allows an attacker to achieve remote command execution by adding a carefully constructed h2 data source connection string. This can be done by sending a POST request to the...

SUSE CVE-2024-46775

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns WHAT & HOW Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKEDRETURN issues reported by Coverity...

UBUNTU-CVE-2024-46775

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns WHAT & HOW Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKEDRETURN issues reported by Coverity...

CVE-2024-46775

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns WHAT & HOW Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKEDRETURN issues reported by Coverity...

CVE-2024-45041 External Secrets Operator vulnerable to privilege escalation

External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets has a deployment called default-external-secrets-cert-controller, which is bound with a same-name ClusterRole. This ClusterRole has "get/list" verbs of secrets resources. It...

CVE-2024-44983

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup. ===================================================== BUG:...

CVE-2024-44977 drm/amdgpu: Validate TA binary size

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validate TA binary size Add TA binary size validation to avoid OOB write. cherry picked from commit c0a04e3570d72aaf090962156ad085e37c62e442...

CVE-2024-8408

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...

PT-2024-38990 · Linksys · Linksys Wrt54G

Name of the Vulnerable Software and Affected Versions: Linksys WRT54G version 4.21.5 Description: A critical issue affects the function validate services port of the file /apply.cgi in the component POST Parameter Handler. The manipulation of the argument services array leads to a stack-based...

Malicious code in helmet-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a74efd393386b80f2e23844014fbe6d7ac6b8c4b4251c6442b8b0007df1d136 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8049 Malicious code in helmet-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a74efd393386b80f2e23844014fbe6d7ac6b8c4b4251c6442b8b0007df1d136 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-42286

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvmelocalport correctly The driver load failed with error message, qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer...