CVE-2024-57933 gve: guard XSK operations on the existence of queues

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

CVE-2025-23209

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution RCE vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. Anyone running an unpatched version of Craft with a...

Metasploit Wrap-Up 01/17/2025

Clarity in Cleo Exploitation Last Month, Huntress reported that several Cleo products were being attacked in the wild, including Harmony, VLTrader, and LexiCom. Cleo announced CVE-2024-50623 and that these issues were patched in 5.8.0.21, but Huntress reported the vulnerability was still in those...

Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation

Impact Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. Patches c4f1e01eab0dd435709ad15463ed38a079ad6128 fixes this issue. Workarounds Use a local firewall to limit the network segments and hosts the...

Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation

Impact Matrix Media Repo MMR is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. Patches This is fixed in MMR v1.3.8. Workarounds Restricting which hosts MMR is allowed to contact via local firewall rules or a transparent...

CVE-2024-57890

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

CVE-2024-57891

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix invalid irq restore in scxopsbypass While adding outer irqsave/restore locking, 0e7ffff1b811 "scx: Fix raciness in scxopsbypass" forgot to convert an inner rqunlockirqrestore to rqunlock which could re-enable IRQ...

AZL-55853 CVE-2024-57890 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

CVE-2024-57841

CVE-2024-57841 concerns a Linux kernel memory leak in tcp_conn_request() where dst memory allocated in af_ops->route_req is not freed if inet_csk_reqsk_queue_hash_add() fails, as shown by the kmemleak stack. The vulnerability is in the path that leads to tcp_conn_request() and may leak memory ...

CVE-2024-57795 RDMA/rxe: Remove the direct link to net_device

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to netdevice The similar patch in siw is in the link: https://git.kernel.org/rdma/rdma/c/16b87037b48889 This problem also occurred in RXE. The following analyze this problem. In the following Call...

Rancher UI has Stored Cross-site Scripting vulnerability

Impact A vulnerability has been identified within Rancher UI that allows a malicious actor to perform a Stored XSS attack through the cluster description field. Please consult the associated MITRE ATT&CK - Technique - Drive-by Compromise for further information about this category of attack...

CVE-2025-21171 .NET Remote Code Execution Vulnerability

...

CVE-2025-23025 Privilege escalation (PR) through realtime WYSIWYG editing in XWiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was experimental, and thus not recommended, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended,...

CVE-2025-23025 Privilege escalation (PR) through realtime WYSIWYG editing in XWiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was experimental, and thus not recommended, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended,...

GHSA-RMM7-R7WR-XPFG XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing

Impact NOTE: The Realtime WYSIWYG Editor extension was experimental, and thus not recommended, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended, starting with XWiki 16.9.0. A user with only edit right can join a realtime editing session where...

Description of the security update for Excel 2016: January 14, 2025 (KB5002673)

Description of the security update for Excel 2016: January 14, 2025 KB5002673 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-21362. Note: To apply this...

CVE-2024-45338 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-24

CVE-2024-45338 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-24. A patched version of the package is available...

PT-2025-1281 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.83 Description: The issue is related to an inappropriate implementation in Fullscreen mode, allowing a remote attacker to perform UI spoofing via a crafted HTML page. This could enable the attacker t...

CVE-2022-3114 affecting package kernel 5.15.202.1-1

CVE-2022-3114 affecting package kernel 5.15.202.1-1. This CVE either no longer is or was never applicable...

CVE-2024-47408 net/smc: check smcd_v2_ext_offset when receiving proposal msg

In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...