CVE-2024-26922 drm/amdgpu: validate the parameters of bo mapping operations more clearly

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpuvmbomap/replacemap/clearingmappings in one common place...

VulnCheck KEV: CVE-2024-28253

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. CompiledRule::validateExpression is also called from PolicyRepository.prepare. prepare is called from...

VulnCheck KEV: CVE-2024-28254

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The ‎AlertUtil::validateExpression method evaluates an SpEL expression using getValue which by default uses the...

The vulnerability of the bson_utf8_validate() function in the MongoDB C-Driver’s database management system allows a attacker to cause a service failure.

The vulnerability of the bsonutf8validate function in the MongoDB C-Driver database management system driver is related to a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

SUSE CVE-2024-3116

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

GHSA-27JX-FFW8-XRQV pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVE-2024-3116

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVE-2024-3116

CVE-2024-3116 affects pgAdmin

CVE-2024-3116 Remote Code Execution Vulnerability through the validate binary path API in pgAdmin 4

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

EulerOS Virtualization 2.10.0 : python-configobj (EulerOS-SA-2024-1388)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

EulerOS Virtualization 2.10.1 : python-configobj (EulerOS-SA-2024-1367)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

UBUNTU-CVE-2023-52606

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separately in analyseinstr...

CVE-2023-52606 powerpc/lib: Validate size for vector operations

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separately in analyseinstr...

UBUNTU-CVE-2021-47050

In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platformgetresourcebyname can return NULL which would be immediately dereferenced by resourcesize. Instead dereference it after validating the resource...

DEBIAN-CVE-2021-46934

In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...

The vulnerability of the npm-user-validate package on the Node.js software platform allows a perpetrator to trigger a service failure.

The vulnerability of the npm-user-validate package on the Node.js software platform is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

CLSA-2024-1708427829 Fix CVE(s): CVE-2024-25062

SECURITY UPDATE: Use-after-free in xmlValidatePopElement - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader with DTD validation and XInclude expansion by not expanding XIncludes when backtracking - CVE-2024-25062...

Heap overflow

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode i.e., not associated with a SSID a malicious beacon frame may overwrite kernel memory, leading to remote code...

PT-2024-21206 · Unknown · Photoboxone Smtp Mail

Name of the Vulnerable Software and Affected Versions: Photoboxone SMTP Mail versions 1.3.20 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...