
1115 matches found

Positive Technologies
added 2024/09/02 12:0 a.m. · 2 views

PT-2024-13078 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A report contains an incorrect reference to a vulnerability identifier and links to a different product. The issue is related to a mistake in...

6.9 AI score
Exploits 0 · References 1
NVD
added 2024/08/21 6:15 a.m. · 10 views

CVE-2024-7998

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...

2.6 CVSS · 0.00267 EPSS
Exploits 0 · References 1
CVE
added 2024/08/21 5:30 a.m. · 44 views

CVE-2024-7998

CVE-2024-7998 affects Octopus Server where OIDC cookies used the wrong expiration time, potentially enabling longer-lived cookies. The CVSS 3.1 vector reports a Low base score (2.6) with NETWORK attack vector, HIGH complexity, and user interaction required. The available documents state the vulne...

2.6 CVSS · 4 AI score · 0.00267 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2024/08/21 5:30 a.m. · 13 views

CVE-2024-7998

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...

2.6 CVSS · 0.00267 EPSS
Exploits 0 · References 1
OSV
added 2024/08/20 8:31 p.m. · 6 views

GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go

mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...

8.6 CVSS · 7.9 AI score · 0.00381 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/08/08 4:53 a.m. · 1 view

kernel: block: Fix wrong offset in bio_truncate()

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate(). bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

7.5 CVSS · 6.9 AI score · 0.00047 EPSS
Exploits 0 · References 5
RedHat Linux
added 2024/08/08 4:44 a.m. · 1 view

kernel: block: Fix wrong offset in bio_truncate()

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate(). bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

7.5 CVSS · 6.9 AI score · 0.00047 EPSS
Exploits 0 · References 5
Veracode
added 2024/08/07 4:34 a.m. · 10 views

Exposure Of Resource To Wrong Sphere

org.biscuitsec, biscuit is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to the potential for third-party block requests to be forged by malicious users, tricking the third-party authority into generating datalog trusting the wrong keypair. Attackers can exploit thi...

3 CVSS · 7 AI score · 0.00132 EPSS
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2024/08/05 12:0 a.m. · 1 view

Biscuit Security Vulnerability

Biscuit is a delegated, decentralized, capability-based authorization token from biscuit-auth open source. A security vulnerability exists in Biscuit that stems from a data log that allows a malicious user to trick a third-party authority into generating a key pair with the wrong trust via a forg...

3 CVSS · 6.4 AI score · 0.00132 EPSS
Exploits 0 · References 3
CNNVD
added 2024/08/01 12:0 a.m. · 3 views

biscuit-rust Security Vulnerability

biscuit-rust is a Rust implementation of the Biscuit authorization token from the biscuit-auth open source. A security vulnerability exists in biscuit-rust version 4, which stems from the fact that a malicious user's spoofed third-party block request can trick a third-party organization into...

6.4 CVSS · 6.5 AI score · 0.00109 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/07/31 12:0 a.m. · 4 views

PT-2024-29656

Name of the Vulnerable Software and Affected Versions: biscuit-rust, affected versions not specified. Description: The issue concerns biscuit-rust, the Rust implementation of Biscuit, an authentication and authorization token for microservices architectures. A third-party block request forged by a...

6.4 CVSS · 6.5 AI score · 0.00109 EPSS
Exploits 0 · References 14
CNNVD
added 2024/07/29 12:0 a.m. · 1 view

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if a requested function is not set in the kernel configuration, it currently fails silently an...

3.3 CVSS · 6.3 AI score · 0.00012 EPSS
Exploits 0 · References 6
BDU FSTEC
added 2024/07/19 12:0 a.m. · 1 view

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS network devices of the EX4300 series allows an attacker to compromise the integrity of the protected information.

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS networking devices of the EX4300 series is related to the absence of blocking mechanisms for outgoing traffic when certain actions are performed in the wrong order. Exploiting this vulnerability can allow a...

5.8 CVSS · 5.5 AI score · 0.00162 EPSS
Exploits 0 · References 3 · Affected Software 1
RedHat Linux
added 2024/07/17 1:6 a.m. · 1 view

kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index

A vulnerability was found in the Linux kernel's memory management subsystem. The wakeup_kswapd() function was called with an incorrect zone index. This error could disrupt the proper functioning of memory management, potentially leading to system instability or performance issues...

5.5 CVSS · 7.2 AI score · 0.00012 EPSS
Exploits 0 · References 5
RedHat Linux
added 2024/07/15 5:18 a.m. · 1 view

kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index

A vulnerability was found in the Linux kernel's memory management subsystem. The wakeup_kswapd() function was called with an incorrect zone index. This error could disrupt the proper functioning of memory management, potentially leading to system instability or performance issues...

5.5 CVSS · 7.2 AI score · 0.00012 EPSS
Exploits 0 · References 5
OSV
added 2024/07/11 5:15 p.m. · 2 views

CVE-2024-39553

An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service (DoS) a...

6.9 CVSS · 5.9 AI score · 0.00141 EPSS
Exploits 1 · References 1
Cvelist
added 2024/07/11 4:14 p.m. · 12 views

CVE-2024-39537 Junos OS Evolved: ACX7000 Series: Ports which have been inadvertently exposed can be reached over the network

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong...

6.9 CVSS · 0.00257 EPSS
Exploits 0 · References 1
CNNVD
added 2024/07/11 12:0 a.m. · 2 views

Juniper Networks Junos OS Evolved Security Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved that stems from the presence of a Resource Exposure to Wrong Scope vulnerability that could allow an unauthenticated, web-based...

6.9 CVSS · 6.8 AI score · 0.00141 EPSS
Exploits 1 · References 2
OSV
added 2024/07/04 12:37 a.m. · 12 views

GHSA-QJVF-8748-9W7H github.com/google/nftables IP addresses were encoded in the wrong byte order

In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses). This issue affects: https://pkg.go.dev/github.com/google/[email protected] The bug was fixe...

6.3 CVSS · 6.2 AI score · 0.00069 EPSS
Exploits 1 · References 6
CNNVD
added 2024/07/03 12:0 a.m. · 2 views

nftables Security Vulnerabilities

nftables is a subsystem of the Linux kernel, open-sourced by The Netfilter Project, for filtering and categorizing network packets, messages, and Ethernet frames. A security vulnerability exists in nftables version 0.1.0, which stems from IP addresses being encoded in the wrong byte order, causing...

7.3 CVSS · 6.5 AI score · 0.00069 EPSS
Exploits 1 · References 4