EulerOS 2.0 SP5 : grub2 (EulerOS-SA-2024-1141)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS...

SUSE CVE-2024-24259

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function...

CVE-2024-0659

The Easy Digital Downloads – Sell Digital Files eCommerce Store & Payments Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the variable pricing option title in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This...

AZL-43438 CVE-2024-24259 affecting package freeglut 3.2.1-4

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function...

Memory corruption

freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function...

CVE-2024-24265

gpac v2.2.1 was discovered to contain a memory leak via the dstprops variable in the gffilterpidmergepropertiesinternal function...

UBUNTU-CVE-2024-24259

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function...

CVE-2024-24265

gpac v2.2.1 was discovered to contain a memory leak via the dstprops variable in the gffilterpidmergepropertiesinternal function...

MuPDF Security Vulnerabilities

MuPDF is MuPDF open source a free and open source software library written in C . Used to render pages as bitmaps , but also provides support for other operations such as searching and listing directories and links . A security vulnerability exists in MuPDF v1.23.9, which was discovered to contai...

CVE-2024-24265

CVE-2024-24265 affects gpac v2.2.1, with a memory leak in the gf_filter_pid_merge_properties_internal function caused by the dst_props variable. Several connected sources confirm the issue and its association with gpac 2.2.1, including Red Hat and OSV entries. No public exploit details are provid...

CVE-2024-24259

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function...

CVE-2024-24267

gpac v2.2.1 fixed in v2.4.0 was discovered to contain a memory leak via the gfioblob variable in the gffileiofromblob function...

CVE-2024-24265

gpac v2.2.1 was discovered to contain a memory leak via the dstprops variable in the gffilterpidmergepropertiesinternal function...

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 Description CVE-2023-36845 represen...

CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

Design/Logic Flaw

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

Use After Free

The Apache Xerces is vulnerable to use-after-free. The vulnerability is due to improper handling of memory, leading to potential arbitrary code execution or denial of service. As a remedy, it is recommended to disable DTD processing, either through DOM parser features or by setting the...

vantage6 Security Vulnerabilities

vantage6 is a vantage6 open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability previously existed in vantage6 version 4.2.0 that stemmed from an authenticated user being able to inject code into an algorithmic environment variable...