Decidim-Awesome has SQL injection in AdminAccountability
Vulnerability type: CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Vendor: Decidim International Community Environment Has vendor confirmed: Yes Attack type: Remote Impact: Code Execution Escalation of Privileges Information Disclosure Affected component:...
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE
GNU is vulnerable to command injection due to missing sanitization of filenames when the LESSCLOSE environment variable is set and invoked. This could allow an attacker to execute malicious commands within the privileges of the utility...
The vulnerability of the stp_aim_x64_vc15d.dll software, which is used for simulation, design, and drafting in AutoCAD, allows a perpetrator to execute arbitrary code.
The vulnerability of the stp_aim_x64_vc15d.dll software library, which is used for simulation, design, and drawing in AutoCAD, relates to the use of an uninitialized variable. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a specially created STP fil...
CVE-2024-50227 thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 thunderbolt Read of size 4 at addr ffff88810111fc1c by task...
CVE-2024-50173
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev...
DEBIAN-CVE-2024-50173
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev...
UBUNTU-CVE-2024-50173
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev...
CVE-2024-50173 drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of an uninitialized variable access problem...
NATS Server Configuration Advice for Use With Veeam Backup for Microsoft 365
Purpose: This article provides advice for optimizing NATS Server configuration when used in conjunction with Veeam Backup for Microsoft 365. Solution: When Veeam Backup for Microsoft 365 is deployed using the included NATS Server, the system variable 'GOMEMLIMIT' is set to 30% of the total system...
SUSE CVE-2024-50134
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
The vulnerability of the mmsServerHandleDeleteNamedVariableListRequest() function in the C language library libIEC61850 allows an attacker to trigger a service failure.
The vulnerability of the mmsServerHandleDeleteNamedVariableListRequest function in the libIEC61850 library, written in the C language, is related to improper cleanup or release of resources. Exploiting this vulnerability could allow an attacker to cause service failures remotely...
DEBIAN-CVE-2024-50134
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
AZL-52437 CVE-2024-50134 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the drm/vboxvideo module, where the use of a fake variable-length array VLA in place of a real...
The vulnerability of the acdb25.dll library in the AutoCAD simulation, design, and drafting software allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the acdb25.dll library in AutoCAD simulation, design, and drawing software relates to the use of an uninitialized variable. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information, execute arbitrary code, or cause a service failu...
cgi.force_redirect configuration is bypassable due to the environment variable collision
...
CVE-2024-8896
A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...