CVE-2024-6235

CVE-2024-6235 is a NetScaler vulnerability in the NetScaler Console (and related components) that enables sensitive information disclosure. It affects NetScaler Console versions 14.1 before 14.1-25.53 (and related console/SDX/agent lines for CVE-2024-6236); exploitation can reveal sensitive data ...

CVE-2023-52490

The CVE-2023-52490 issue is a Linux kernel mm/migrate flaw where a race in page migration caused an incorrect page mapping for the target page, leading to NULL dereferences during dump of page state when memory hotplug/offlining occurs. The root cause was that the target page’s mapping field stor...

CVE-2024-30679

CVE-2024-30679 entry is rejected/not used and does not represent an active vulnerability.

CVE-2024-30678

CVE-2024-30678 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-27069

CVE-2024-27069 affects the Linux kernel overlayfs ovl_verify_area path. The issue was a WARN_ON assertion triggered by syzbot’s copy-up loop when a lower file’s size changes underneath overlayfs. The documented fix relaxes the WARN_ON in ovl_verify_area and aligns error handling (returning EIO fo...

CVE-2024-26811

CVE-2024-26811 affects the Linux kernel ksmbd component. Root cause: ksmbd.mountd can return an invalid IPC response if malicious ksmbd-tools are installed, allowing memory overrun/slab-out-of-bounds due to missing validation of IPC payload size. The patch adds validation for three IPC responses ...

CVE-2023-52485

CVE-2023-52485 affects the Linux kernel; the issue stems from wake DMCUB before issuing DMUB commands in the AMD display path, which could deadlock if the DMCUB is not powered. The description indicates a fix to rework command submission to exit idle power optimizations and reenable them after su...

CVE-2024-30735

CVE-2024-30735 entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-26812

CVE-2024-26812: In the Linux kernel, vfio/pci: Create persistent INTx handler vulnerability allowed signaling of eventfds with a NULL context after the IRQ handler was unregistered (via SET_IRQS ioctl or unmask irqfd) when an INTx interrupt was pending. The fix moves INTx interrupt handler config...

CVE-2024-30696

This CVE-2024-30696 entry is rejected/not used and does not represent an active vulnerability.

CVE-2022-20685

CVE-2022-20685 is a DoS vulnerability in the Snort Modbus preprocessor caused by an integer overflow when processing Modbus traffic. An unauthenticated, remote attacker could craft traffic to cause the Snort process to hang and halt traffic inspection. Cisco has released software updates addressi...

CVE-2024-27006

CVE-2024-27006 concerns the Linux kernel. The issue arises in thermal/debugfs where the count field in trip_stats must be incremented in thermal_debug_tz_trip_up() to properly reflect temperature trips. The patch addresses two scenarios: (1) when a trip point is crossed on the way up for the firs...

CVE-2024-30676

The connected PT-2024-23559 entry identifies a Denial-of-Service flaw in ROS2 Iron Irwini, where ROS2 nodes can be remotely crashed (DoS) by a malicious user, disrupting system operation. Affected setup specifies ROS VERSION 2 with ROS PYTHON VERSION 3. Until a patch is available, the recommendat...

CVE-2024-1550

CVE-2024-1550 involves a vulnerability where a malicious webpage could combine exiting fullscreen mode with requestPointerLock to reposition the user’s mouse, potentially causing confusion and unintended permission grants. Affected products include Firefox versions before 123, Firefox ESR before ...

CVE-2024-27067

The CVE-2024-27067 issue is in the Linux kernel (xen/evtchn) where unbinding a user event channel could cause a WARN() in the handler if the kernel is built with CONFIG_DEBUG_SHIRQ. The fix adds an "unbinding" flag to struct user_event to short-circuit the handler, preventing the WARN() when unbi...

CVE-2024-4642

CVE-2024-4642 is described in connected advisories as a Server-Side Request Forgery (SSRF) in the wandb/wandb repository, caused by improper handling of HTTP redirects (HTTP 302). The issue could allow team members with access to the Webhooks settings to reach internal HTTP(S) endpoints, with pot...

CVE-2021-46965

CVE-2021-46965 : Linux kernel mtd/physmap/physmap-bt1-rom vulnerability where casting &data to (char ) caused unintentional stack access; the fix corrects the byte offset calculation (data is u32) to prevent out-of-bounds/stacks access. Affected code and root cause are documented in the upstream ...

CVE-2024-30683

CVE-2024-30683 entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-27027

According to the connected advisories, CVE-2024-27027 affects the Linux kernel DPLL driver where multiple registrations of the same pin on a DPLL device could leave stale list entries if the reference count was not zero. The root cause was that unregistration and freeing of the registration were ...

CVE-2024-27913

FRRouting FRR’s CVE-2024-27913 affects ospf_te_parse_te in ospfd/ospf_te.c up to the 9.1 release. The issue allows remote attackers to crash ospfd (denial of service) via a malformed OSPF LSA packet, caused by an attempted access to a missing attribute field. Remediation: update to FRR 8.5.6 (per...

CVE-2024-30688

CVE-2024-30688 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-7014

CVE-2024-7014 affects Telegram for Android (versions 10.14.4 and older). Root cause: improper multimedia file attachment handling, where an HTML file disguised as a video can be processed as a valid video, enabling code execution on the device. Technical description across sources notes the attac...

CVE-2024-30729

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-27397

CVE-2024-27397 affects the Linux kernel nf_tables in netfilter. The root cause is a race where set elements could expire during unfinished control-plane transactions. The fix adds a timestamp field at the start of a transaction and stores it per-netns, updating the set backends’ insert, deactivat...

CVE-2024-27063

CVE-2024-27063 affects the Linux kernel LED subsystem for leds: trigger: netdev. The issue stems from a refactor where the trigger_data’s dev could reference the old net_dev while a new net_dev is being established, causing get_device_state() to operate on an invalid net_dev and potentially trigg...

CVE-2024-30699

CVE-2024-30699 entry is rejected and not used; it does not represent an active vulnerability entry.

CVE-2024-27036

CVE-2024-27036 affects the Linux kernel CIFS writeback path. The vulnerability arises when cifs_extend_writeback() considers an extra folio but would overrun the wsize, causing the xarray scanning loop to rely on xas_pause(), which advances the counter and can skip a page. The fix is to call xas_...

CVE-2024-30694

CVE-2024-30694 entry is rejected/not used as explicitly stated in the Initial Description.

CVE-2023-52656

CVE-2023-52656 concerns the Linux kernel io_uring subsystem. The connected documents confirm that the vulnerability arises from dropping any code related to SCM_RIGHTS, i.e., dead code after removing support for passing io_uring fds over SCM_RIGHTS. The practical effect described is that the code...

CVE-2021-46968

CVE-2021-46968 concerns the Linux kernel s390/zcrypt subsystem. The issue was a memleak on hot-unplug for zcard and zqueue due to a mismatch in get/put for an embedded kref counter. The fix adjusts kref handling: the counter starts at 1 on init and must drop to zero on unregister (for both card a...

CVE-2024-36904

The provided connected advisories confirm CVE-2024-36904 affects the Linux kernel TCP TIME-WAIT handling. Specifically, a race window during connect() could allow refcount mismanagement in tcp_twsk_unique() if a TIME-WAIT sk is reused with zero refcnt, potentially leading to a use-after-free. The...

CVE-2024-30663

CVE-2024-30663 entry is rejected/not used and does not represent an active vulnerability.

CVE-2024-30680

CVE-2024-30680 entry is rejected and does not represent an active vulnerability.

CVE-2023-20036

CVE-2023-20036 affects Cisco Industrial Network Director (IND). The issue is in the web UI and arises from improper input validation during Device Pack uploads, allowing an authenticated, remote attacker to inject commands and execute arbitrary code with NT AUTHORITY\SYSTEM privileges on the devi...

CVE-2024-35944

CVE-2024-35944: In the Linux kernel VMCI path, a run-time warning triggered by memcpy was observed when a field-spanning write occurred in vmci_datagram.c. The code copies a vmci_datagram dg into a local dg_info->msg with memcpy(&dg_info->msg, dg, dg_size), while dg_size = VMCI_DG_HEADERSIZ...

CVE-2021-46971

The CVE-2021-46971 entry corresponds to a Linux kernel fix in perf/core: the lockdown state was queried unconditionally, but its result is only needed if PERF_SAMPLE_REGS_INTR is set in attr.sample_type. This unconditional check could trigger SELinux lockdown hooks unnecessarily, potentially caus...

CVE-2021-46974

CVE-2021-46974 — Linux kernel BPF masking negation bug: when the off_reg is in the destination, negation could flip an add to a sub incorrectly. The fix performs a final bitwise AND into AX from off_reg unconditionally, then moves from src to dst and uses AX as the source for the original pointer...

CVE-2024-27035

CVE-2024-27035 concerns the Linux kernel’s f2fs compression path. The issue arises when a data block inside a compressed cluster is not persisted with its metadata during checkpoint; after SPOR, this can lead to data corruption. The published fix guarantees that the compressed page is written by ...

CVE-2024-30721

CVE-2024-30721 is rejected; this candidate withdrawn and not an active vulnerability entry.

CVE-2021-46970

CVE-2021-46970 affects the Linux kernel’s MHI PCI generic bus driver. The issue arises from a dedicated state-change workqueue created with both WQ_HIGHPRI and WQ_MEM_RECLAIM flags, where the state-change work (mhi_pm_st_worker) cannot guarantee forward progress under memory pressure and may bloc...

CVE-2024-30695

This CVE entry is rejected/not used as stated.

CVE-2024-30713

CVE-2024-30713 entry is rejected/not used and does not represent an active vulnerability.

CVE-2024-26654

Summary (CVE-2024-26654) : In the Linux kernel, the ALSA: sh: aica path could dereference a freed aica_channel due to a race between mod_timer/del_timer during PCM close, causing a use-after-free (UAF). Connected advisories confirm affected kernel families include Astra Linux advisories for Linux...

CVE-2021-46969

CVE-2021-46969 affects the Linux kernel bus: mhi: core. The vulnerability arises when mhi_queue incorrectly returns an error if the doorbell is not accessible in a non-M0 state (e.g., M3). The device is awakened to M0 before updating the doorbell, and treating this as an error delayed the doorbel...

CVE-2022-20649

CVE-2022-20649 is a Cisco StarOS/RCM vulnerability where an incorrectly enabled debug mode on specific services allows an unauthenticated remote attacker to execute arbitrary commands as root inside the configured container. The issue stems from debug mode listening/enabled for certain services, ...

CVE-2021-44790

CVE-2021-44790 affects Apache HTTP Server up to version 2.4.51. It describes a buffer overflow in the mod_lua multipart parser (triggered via r:parsebody() from Lua scripts). Connected documents corroborate this in various advisories and patch notes, indicating releases with fixes (e.g., patched ...

CVE-2020-25682

Dnsmasq contains multiple DNSSEC-related memory-corruption flaws (notably CVE-2020-25682) arising from improper length checks in the extract_name() path used to parse DNS names. An attacker on the network who can craft valid DNS replies can trigger a heap overflow, potentially allowing remote cod...

CVE-2022-1242

CVE-2022-1242 affects the Ubuntu Apport component. The issue allows a local attacker to trick Apport into connecting to arbitrary sockets as root due to improper handling of Apport sockets (in containers too). Affected advisories include USN-6894-1 and related Red Hat/Nessus/OpenVAS entries; patc...

CVE-2023-40533

CVE-2023-40533 is a duplicate of CVE-2022-40468 and is not a separate active vulnerability entry. Connected advisories confirm Tinyproxy vulnerabilities affecting header handling and heap data leakage (notably CVE-2022-40468 and related issues) with remediation through updates to Tinyproxy. Debia...

CVE-2021-46972

CVE-2021-46972 affects Linux kernel overlayfs (ovl). The issue is a leaked dentry that occurs when metacopy errors happen during unmount, due to overlayfs not creating a temporary dentry after a metacopy error. The fix (commit 6815f479ca90) switches ovl_lookup() to use only the uppermetacopy stat...