9593 matches found

OSV
added 2024/03/06 11:21 a.m. | 22 views

BIT-GITLAB-2020-13351

Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allows an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. Affected versions are =13.0, =13.4.0, =13.5.0, 13.5.2...

CVSS 6.5 | AI score 6.3 | EPSS 0.00256
Exploits 0 | References 4
OSV
added 2024/03/06 11:20 a.m. | 15 views

BIT-GITLAB-2021-22186

An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners...

CVSS 4.9 | AI score 4.5 | EPSS 0.0017
Exploits 0 | References 3
OSV
added 2024/03/06 11:16 a.m. | 15 views

BIT-TENSORFLOW-2021-41201 Uninitialized access in `EinsumHelper::ParseEquation`

TensorFlow is an open source platform for machine learning. In affected versions during execution, EinsumHelper::ParseEquation is supposed to set the flags in input_has_ellipsis vector and output_has_ellipsis boolean to indicate whether there is ellipsis in the corresponding inputs and output. However...

CVSS 7.8 | AI score 7.6 | EPSS 0.00022
Exploits 1 | References 3
OSV
added 2024/03/06 11:15 a.m. | 18 views

BIT-TENSORFLOW-2021-41225 A use of uninitialized value vulnerability in Tensorflow

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of uninitialized variable. If the train_nodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeue_node is left uninitialized. The...

CVSS 7.8 | AI score 7.6 | EPSS 0.00018
Exploits 1 | References 3
OSV
added 2024/03/06 11:15 a.m. | 25 views

BIT-GITLAB-2022-2229

An improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an attacker to extract the value of an unprotected variable they know the name of in public projects or private projects they're a member of...

CVSS 7.5 | AI score 7.1 | EPSS 0.00216
Exploits 0 | References 4
OSV
added 2024/03/06 11:11 a.m. | 19 views

BIT-WORDPRESS-MULTISITE-2020-28034

WordPress before 5.5.2 allows XSS associated with global variables...

CVSS 6.1 | AI score 7.3 | EPSS 0.02678
Exploits 0 | References 7
OSV
added 2024/03/06 11:2 a.m. | 46 views

BIT-PHP-2022-4900 Potential buffer overflow in php_cli_server_startup_workers

A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow...

CVSS 6.2 | AI score 6 | EPSS 0.00065
Exploits 0 | References 7
OSV
added 2024/03/06 11:2 a.m. | 30 views

BIT-POSTGRESQL-JDBC-DRIVER-2022-41946 TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc

pgjdbc is an open source PostgreSQL JDBC driver. In affected versions a prepared statement using either PreparedStatement.setText(int, InputStream) or PreparedStatement.setBytea(int, InputStream) will create a temporary file if the InputStream is larger than 2k. This will create a temporary file which...

CVSS 5.5 | AI score 5.3 | EPSS 0.00082
Exploits 1 | References 7
OSV
added 2024/03/06 11:1 a.m. | 54 views

BIT-NODE-2023-30585

A vulnerability has been identified in the Node.js .msi version installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running under the NT AUTHORITY\SYSTEM...

CVSS 7.5 | AI score 7.4 | EPSS 0.02122
Exploits 0 | References 3
OSV
added 2024/03/06 10:58 a.m. | 16 views

BIT-AIRFLOW-2021-38540 Apache Airflow: Variable Import endpoint missed authentication check

The variable import endpoint was not protected by authentication in Airflow =2.0.0, =2.0.0, 2.1.3...

CVSS 9.8 | AI score 9.8 | EPSS 0.91782
Exploits 2 | References 3
OSV
added 2024/03/06 10:51 a.m. | 29 views

BIT-AIRFLOW-2023-50783 Apache Airflow: Improper access control vulnerability on the "varimport" endpoint

Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification. Users are...

CVSS 6.5 | AI score 6.2 | EPSS 0.00041
Exploits 0 | References 4
RedHat Linux
added 2024/03/05 4:26 p.m. | 1 views

systemd: privilege escalation via the less pager

A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some sudo configurations, for example, plausible sudoers files, in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to ...

CVSS 7.8 | AI score 7.2 | EPSS 0.05624
Exploits 4 | References 7
OSV
added 2024/03/04 6:15 p.m. | 1 views

UBUNTU-CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitialized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure uses kmalloc for the allocation. The kernel ALSA...

CVSS 4 | AI score 6.1 | EPSS 0.00014
Exploits 0 | References 5
Prion
added 2024/03/01 10:15 p.m. | 17 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory Our code analyzer reported a uaf. In gaudi_memset_device_memory, cb is obtained via hl_cb_kernel_create with 2 refcount. If hl_cs_allocate_job failed, the execution ru...

AI score 7.5 | EPSS 0.00034
Exploits 0 | References 2
SUSE CVE
added 2024/03/01 4:8 a.m. | 1 views

SUSE CVE-2021-46951

In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tpm_final_log_size will at...

CVSS 4.1 | AI score 7.6 | EPSS 0.00016
Exploits 0 | References 6
NVD
added 2024/02/28 6:15 p.m. | 16 views

CVE-2024-1847

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

CVSS 7.8 | AI score 7.9 | EPSS 0.00118
Exploits 0 | References 1
Prion
added 2024/02/28 6:15 p.m. | 20 views

Heap overflow

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

CVSS 4.4 | AI score 8.1 | EPSS 0.00118
Exploits 0 | References 1
Vulnrichment
added 2024/02/28 5:34 p.m. | 17 views

CVE-2024-1847 Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

CVSS 7.8 | AI score 8 | EPSS 0.00118
Exploits 0 | References 1
Veracode
added 2024/02/28 6:6 a.m. | 8 views

Missing TTLS Encryption

github.com/edgelesssys/marblerun is vulnerable to Missing TTLS Encryption. The vulnerability is due to unsecured plain TCP connections between Marbles if the parameters don't include an environment variable. This flaw allows an attacker to intercept and manipulate the communication between Marbles...

AI score 6.9
Exploits 0
ATTACKERKB
added 2024/02/27 7:4 p.m. | 1 views

CVE-2021-46951

In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tpm_final_log_size will at...

CVSS 5.5 | AI score 6.2 | EPSS 0.00016
Exploits 0 | References 6 | Affected Software 1