PUB-A-330389917

In ufshcscsicmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-329163861

Bulletin has no description...

PT-2024-18945 · Unknown · Git-Shallow-Clone

Name of the Vulnerable Software and Affected Versions: git-shallow-clone versions all Description: The issue is related to command injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function. This allows for potential argument injection. No...

PT-2024-9585 · Gstreamer +8 · Gstreamer +8

Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10 Description: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst matroska demux add wvpk header function...

php -- Multiple vulnerabilities

php.net reports: CVE-2024-8926: CGI: Fixed bug GHSA-9pqp-7h25-4f32 Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8927: CGI: Fixed bug GHSA-94p6-54jq-9mwp cgi.forceredirect configuration is bypassable due to the environment variable collision. CVE-2024-9026: FPM: Fixed bug...

kernel: mptcp: ensure snd_una is properly initialized on connect

A vulnerability was found in the Linux kernel's match component in the initialization of the snduna variable while establishing a connection. The issue arises when retransmission occurs after a fallback, leaving the snduna sequence number uninitialized, leading to unpredictable behavior and...

kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers

A vulnerability was found in the Linux kernel in the csdsp firmware involving the V2 algorithm headers and the wmfw V2 format, which introduced variable-length strings into the algorithm block header. This means the overall header length is variable and without proper checks can result in an...

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

PDF-XChange Editor is a PDF editor software and PDF reader. PDF-XChange Editor RTF file parsing has an uninitialized variable remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Cross-site Scripting (XSS)

mautic/core is vulnerable to Cross-Site ScriptingXSS. The vulnerability is due to the Page URL variable not being properly sanitized, allowing malicious scripts to be executed...

CVE-2024-45614 Header normalization allows for client to clobber proxy set headers in Puma

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now...

CVE-2024-45614 Header normalization allows for client to clobber proxy set headers in Puma

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now...

CVE-2024-47050

Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable...

DEBIAN-CVE-2024-46794

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...

CVE-2024-46794

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...

CVE-2024-46794 x86/tdx: Fix data leak in mmio_read()

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...

CVE-2024-46788

The CVE-2024-46788 vulnerability affects the Linux kernel in tracing/osnoise, where start_kthread() and stop_thread() were not consistently called with interface_lock held. This could allow a kthread_stop() on a thread that should not be stopped, triggering an OOPS in early timer handling (hrtime...

CVE-2024-46785

CVE-2024-46785 affects the Linux kernel, specifically an issue in eventfs relating to SRCU-protected lists. The root cause is a NULL pointer access in tracefs when ei_child can be set to LIST_POISON1 after removal in eventfs_remove_rec, leading to a crash/panic. The vulnerability materializes whe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the per-CPU variable seg6bpfsrhstates::srh is never assigned in the self-check use case, but i...

CVE-2024-45798

The CVE-2024-45798 entry concerns the arduino-esp32 Arduino core for ESP32/variants. The connected documents describe multiple Poisoned Pipeline Execution (PPE) vulnerabilities in the CI workflow, specifically code injection in tests_results.yml (GHSL-2024-169) and environment variable injection ...

CVE-2024-45798 Multiple Poisoned Pipeline Execution (PPE) vulnerabilities

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. The arduino-esp32 CI is vulnerable to multiple Poisoned Pipeline Execution PPE vulnerabilities. Code injection in testsresults.yml workflow GHSL-2024-169 and environment Variable...