CVE-2024-12753

Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

CVE-2024-11946

iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...

CVE-2024-12752

Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2024-56799

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVE-2024-56801

Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability...

CVE-2024-56800

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...

CVE-2024-13020

A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2024-13019

A vulnerability classified as problematic has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/updateroom.php of the component Chat Room Page. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack...

CVE-2024-12582

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the...

CVE-2024-51464

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i...

CVE-2024-56017

Cross-Site Request Forgery CSRF vulnerability in Tom Royal Stop Registration Spam allows Stored XSS.This issue affects Stop Registration Spam: from n/a through 1.23...

CVE-2024-52336

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

CVE-2024-6538

A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...

CVE-2024-6840

An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...

CVE-2023-6841

A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8285

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perfor...

CVE-2024-7700

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing...

CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVE-2024-6535

A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a...

CVE-2024-6501

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVE-2024-21520

Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting XSS via the breaklongheaders template filter due to improper input sanitization before splitting and joining with tags...

CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service...

CVE-2024-5564

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information...

CVE-2023-52812

In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcietable-numoflinklevels will be 0, and numoflevels - 1 will cause array index out of bounds...

CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

CVE-2023-52852

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic Call trace: memcpy+0x128/0x250 f2fsreadmultipages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590...

CVE-2023-52849

In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix shutdown order Ira reports that removing cxlmockmem causes a crash with the following trace: BUG: kernel NULL pointer dereference, address: 0000000000000044 .. RIP: 0010:cxlregiondecodereset+0x7f/0x180 cxlcore .. Cal...

CVE-2023-52826

In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference In tpg110getmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a NULL pointer dereference on failure of drmmodeduplicate. Add a...

CVE-2023-52850

In the Linux kernel, the following vulnerability has been resolved: media: hantro: Check whether reset op is defined before use The i.MX8MM/N/P does not define the .reset op since reset of the VPU is done by genpd. Check whether the .reset op is defined before calling it to avoid NULL pointer...

CVE-2021-47420

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix a potential ttm-sg memory leak Memory is allocated for ttm-sg by kmalloc in kfdmemdmamapuserptr, but isn't freed by kfree in kfdmemdmaunmapuserptr. Free it!...

CVE-2021-47254

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in gfs2glockshrinkscan The GLFLRU flag is checked under lrulock in gfs2glockremovefromlru to remove the glock from the lru list in gfs2glockput. On the shrink scan path, the same flag is cleared under...

CVE-2021-47409

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

CVE-2021-47390

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvmmakevcpusrequestmask+0x174/0x440 kvm Read of size 8 at addr ffffc9001364f638 by tas...

CVE-2021-47423

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using singleopen for opening, singlerelease should be called, otherwise the 'op' allocated in singleopen will be leaked...

CVE-2021-47413

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: Also search for 'phys' phandle When passing 'phys' in the devicetree to describe the USB PHY phandle which is the recommended way according to Documentation/devicetree/bindings/usb/ci-hdrc-usb2.txt the...

CVE-2021-47388

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to the RX struct so we can later use it to do a comparison, since commit bf30ca922a0c "mac80211: check...

CVE-2021-47422

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using singleopen for opening, singlerelease should be called, otherwise the 'op' allocated in singleopen will be leaked...

CVE-2024-35922

In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fbvideomodefromvideomode The expression htotal vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fbvartovideomode. Found by Linux Verification Center...

CVE-2024-35930

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in lpfcrcvpadisc may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb...

CVE-2024-35933

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintelreadversion If hcicmdsynccomplete is triggered and skb is NULL, then hdev-reqskb is NULL, which will cause this issue...

CVE-2024-35929

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARNONONCE in the rcunocbbypasslock For the kernels built with CONFIGRCUNOCBCPUDEFAULTALL=y and CONFIGRCULAZY=y, the following scenarios will trigger WARNONONCE in the rcunocbbypasslock and rcunocbwaitcontended...

CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2024-35902

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce null dereference Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The following call-sites pass a NULL...

CVE-2024-35907

In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: call requestirq after NAPI initialized The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce the exception is as follows: a enable kdump b trigger...

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

Cross site request forgery (csrf)

An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1 allows unauthenticated attackers to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account...

Cross site scripting

A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...

Cross site scripting

A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...