CVE-2024-34024

CVE-2024-34024 is a vulnerability in ID Link Manager and FUJITSU Software TIME CREATOR where an unauthenticated attacker can determine whether a username is valid due to an observable response discrepancy. Affected products/versions (per sources) include: ID Link Manager II ≤1.8, ID Link Manager ...

Improper Authentication

born05/craft-twofactorauthentication is vulnerable to Improper Authentication. The vulnerability is due to improper checks to prevent TOTP tokens from used multiple times within the validity period...

ZenML Code Issue Vulnerability

ZenML is an extensible open source MLOps framework for creating portable, production-ready machine learning pipelines. A code issue vulnerability exists in ZenML version 0.56.3 that stems from an insufficient session validity period. An attacker exploiting this vulnerability could reuse old sessi...

GHSA-RCM4-JV5G-WCCM zfr authentication adapter did not verify validity of tokens

Previous to @2ca5bb1c2f11537be8f94ca6867d8d69789e744a release 0.1.2, tokens weren't checked for validity/expiration. This potentially caused a security issue if expired tokens were not deleted after the expiration time was past, allowing anyone to still use invalidated authentication credentials...

AZL-42465 CVE-2024-36893 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

AZL-42496 CVE-2024-36893 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

DEBIAN-CVE-2024-36893

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

CVE-2024-36893

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

UBUNTU-CVE-2024-36893

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

CVE-2024-36893 usb: typec: tcpm: Check for port partner validity before consuming it

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typecregisterpartner does not guarantee partner registration to always succeed. In the event of failure, port-partner is set to the error value or NULL. Given...

CVE-2023-52804

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

UBUNTU-CVE-2021-47497

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

CVE-2023-52804

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

CVE-2023-52804

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

CVE-2023-52804

CVE-2023-52804 affects the Linux kernel (fs/jfs) where db_maxag and db_agpref were used as indexes into db_agfree without validity checks. This could trigger an array-index-out-of-bounds UB in fs/jfs/jfs_dmap.c:639:20 (index 7936 out of range for atomic_t[128]). The issue has been addressed by ad...

CVE-2023-52804

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

CVE-2023-52804 fs/jfs: Add validity check for db_maxag and db_agpref

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

CVE-2023-52804 fs/jfs: Add validity check for db_maxag and db_agpref

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

CVE-2023-52804 fs/jfs: Add validity check for db_maxag and db_agpref

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

DEBIAN-CVE-2021-47427

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsitask use after free Commit d39df158518c "scsi: iscsi: Have abort handler get ref to conn" added iscsigetconn/iscsiputconn calls during abort handling but then also changed the handling of the case where we...