Latest vulnerabilities [Friday, February 23, 2024]

Latest vulnerabilities [Friday, February 23, 2024]
{{titre}}

Last update performed on 02/23/2024 at 11:57:07 PM

(1) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : vuldb.com

Vulnerability ID : CVE-2024-1783

First published on : 23-02-2024 01:15:53
Last modified on : 23-02-2024 02:42:54

Description :
A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi of the component Web Interface. The manipulation of the argument http_host leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-1783
Source : cna@vuldb.com
CVSS Score : 9.8

References :
https://gist.github.com/manishkumarr1017/30bca574e2f0a6d6336115ba71111984 | source : cna@vuldb.com
https://vuldb.com/?ctiid.254574 | source : cna@vuldb.com
https://vuldb.com/?id.254574 | source : cna@vuldb.com

Vulnerability : CWE-121


(21) HIGH VULNERABILITIES [7.0, 8.9]

Source : github.com

Vulnerability ID : CVE-2024-26150

First published on : 23-02-2024 16:15:48
Last modified on : 23-02-2024 19:31:25

Description :
`@backstage/backend-common` is a common functionality library for backends for Backstage, an open platform for building developer portals. In `@backstage/backend-common` prior to versions 0.21.1, 0.20.2, and 0.19.10, paths checks with the `resolveSafeChildPath` utility were not exhaustive enough, leading to risk of path traversal vulnerabilities if symlinks can be injected by attackers. This issue is patched in `@backstage/backend-common` versions 0.21.1, 0.20.2, and 0.19.10.

CVE ID : CVE-2024-26150
Source : security-advisories@github.com
CVSS Score : 8.7

References :
https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f | source : security-advisories@github.com
https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717 | source : security-advisories@github.com
https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871 | source : security-advisories@github.com
https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h | source : security-advisories@github.com

Vulnerability : CWE-22


Source : us.ibm.com

Vulnerability ID : CVE-2022-43842

First published on : 23-02-2024 19:15:08
Last modified on : 23-02-2024 19:31:25

Description :
IBM Aspera Console 3.4.0 through 3.4.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 239079.

CVE ID : CVE-2022-43842
Source : psirt@us.ibm.com
CVSS Score : 8.6

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/239079 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7122632 | source : psirt@us.ibm.com

Vulnerability : CWE-89


Source : vmware.com

Vulnerability ID : CVE-2024-22243

First published on : 23-02-2024 05:15:08
Last modified on : 23-02-2024 16:14:43

Description :
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.

CVE ID : CVE-2024-22243
Source : security@vmware.com
CVSS Score : 8.1

References :
https://spring.io/security/cve-2024-22243 | source : security@vmware.com


Source : vuldb.com

Vulnerability ID : CVE-2024-1786

First published on : 23-02-2024 01:15:53
Last modified on : 23-02-2024 02:42:54

Description :
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254576. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

CVE ID : CVE-2024-1786
Source : cna@vuldb.com
CVSS Score : 7.5

References :
https://gist.github.com/dmknght/269d90e17713bbd34e48c50f5c5284a2 | source : cna@vuldb.com
https://vuldb.com/?ctiid.254576 | source : cna@vuldb.com
https://vuldb.com/?id.254576 | source : cna@vuldb.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2024-1817

First published on : 23-02-2024 14:15:44
Last modified on : 23-02-2024 16:14:43

Description :
A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDM_load.php of the component Cookie Handler. The manipulation of the argument is_admin with the input y leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-1817
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/8gO8yxJ8aN51 | source : cna@vuldb.com
https://vuldb.com/?ctiid.254605 | source : cna@vuldb.com
https://vuldb.com/?id.254605 | source : cna@vuldb.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2024-1820

First published on : 23-02-2024 16:15:47
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file inchargelogin.php. The manipulation of the argument email/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254608.

CVE ID : CVE-2024-1820
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/1Crime%20Reporting%20System%20-%20SQL%20Injection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254608 | source : cna@vuldb.com
https://vuldb.com/?id.254608 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1824

First published on : 23-02-2024 16:15:48
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability, which was classified as critical, has been found in CodeAstro House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file signing.php. The manipulation of the argument uname/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254612.

CVE ID : CVE-2024-1824
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://docs.qq.com/doc/DYk9QcHVFRENObWtj | source : cna@vuldb.com
https://vuldb.com/?ctiid.254612 | source : cna@vuldb.com
https://vuldb.com/?id.254612 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1826

First published on : 23-02-2024 17:15:08
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-254614 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1826
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/3Library%20System%20In%20PHP%20-%20SQL%20Injection-student_login.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254614 | source : cna@vuldb.com
https://vuldb.com/?id.254614 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1827

First published on : 23-02-2024 18:15:50
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254615.

CVE ID : CVE-2024-1827
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/3.2Library%20System%20In%20PHP%20-%20SQL%20Injection-teacher_login.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254615 | source : cna@vuldb.com
https://vuldb.com/?id.254615 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1828

First published on : 23-02-2024 18:15:50
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254616.

CVE ID : CVE-2024-1828
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/3.3Library%20System%20In%20PHP%20-%20SQL%20Injection-teacher_reg.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254616 | source : cna@vuldb.com
https://vuldb.com/?id.254616 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1829

First published on : 23-02-2024 18:15:50
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254617 was assigned to this vulnerability.

CVE ID : CVE-2024-1829
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/3.4Library%20System%20In%20PHP%20-%20SQL%20Injection-student_reg.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254617 | source : cna@vuldb.com
https://vuldb.com/?id.254617 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1830

First published on : 23-02-2024 19:15:08
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254618 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1830
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/3.5Library%20System%20In%20PHP%20-%20SQL%20Injection-student_lostpass.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254618 | source : cna@vuldb.com
https://vuldb.com/?id.254618 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1831

First published on : 23-02-2024 19:15:08
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254622 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1831
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://toradah.notion.site/Login-Bypass-via-SQL-injection-b1e45264f6104bc696836ade6e60fb98?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.254622 | source : cna@vuldb.com
https://vuldb.com/?id.254622 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1832

First published on : 23-02-2024 20:15:52
Last modified on : 23-02-2024 20:15:52

Description :
A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254623.

CVE ID : CVE-2024-1832
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://toradah.notion.site/SQL-Injection-via-Admin-Login-Form-7372893848cb4bb996ae2c9effb0266a?pvs=25 | source : cna@vuldb.com
https://vuldb.com/?ctiid.254623 | source : cna@vuldb.com
https://vuldb.com/?id.254623 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1833

First published on : 23-02-2024 20:15:52
Last modified on : 23-02-2024 20:15:52

Description :
A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254624.

CVE ID : CVE-2024-1833
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/employee-management-system.md#2accountloginphp | source : cna@vuldb.com
https://vuldb.com/?ctiid.254624 | source : cna@vuldb.com
https://vuldb.com/?id.254624 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c

Vulnerability ID : CVE-2024-27318

First published on : 23-02-2024 18:15:50
Last modified on : 23-02-2024 19:31:25

Description :
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

CVE ID : CVE-2024-27318
Source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c
CVSS Score : 7.5

References :
https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20 | source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c
https://security.snyk.io/vuln/SNYK-PYTHON-ONNX-2395479 | source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c

Vulnerability : CWE-22


Source : jfrog.com

Vulnerability ID : CVE-2024-27132

First published on : 23-02-2024 22:15:55
Last modified on : 23-02-2024 22:15:55

Description :
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.

CVE ID : CVE-2024-27132
Source : reefs@jfrog.com
CVSS Score : 7.5

References :
https://github.com/mlflow/mlflow/pull/10873 | source : reefs@jfrog.com
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/ | source : reefs@jfrog.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27133

First published on : 23-02-2024 22:15:55
Last modified on : 23-02-2024 22:15:55

Description :
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.

CVE ID : CVE-2024-27133
Source : reefs@jfrog.com
CVSS Score : 7.5

References :
https://github.com/mlflow/mlflow/pull/10893 | source : reefs@jfrog.com
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/ | source : reefs@jfrog.com

Vulnerability : CWE-79


Source : tenable.com

Vulnerability ID : CVE-2024-1683

First published on : 23-02-2024 01:15:52
Last modified on : 23-02-2024 02:42:54

Description :
A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.

CVE ID : CVE-2024-1683
Source : vulnreport@tenable.com
CVSS Score : 7.3

References :
https://www.tenable.com/security/tns-2024-03 | source : vulnreport@tenable.com

Vulnerability : CWE-78


Source : wordfence.com

Vulnerability ID : CVE-2024-1776

First published on : 23-02-2024 07:15:48
Last modified on : 23-02-2024 16:14:43

Description :
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'form-id' parameter in all versions up to, and including, 1.1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID : CVE-2024-1776
Source : security@wordfence.com
CVSS Score : 7.2

References :
https://plugins.trac.wordpress.org/browser/admin-side-data-storage-for-contact-form-7/trunk/inc/admin/inc/settings.php#L301 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/7bff8172-b879-40b0-a229-a54787baa38a?source=cve | source : security@wordfence.com


Source : patchstack.com

Vulnerability ID : CVE-2024-25928

First published on : 23-02-2024 12:15:46
Last modified on : 23-02-2024 16:14:43

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sitepact.This issue affects Sitepact: from n/a through 1.0.5.

CVE ID : CVE-2024-25928
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/sitepact-klaviyo-contact-form-7/wordpress-sitepact-s-contact-form-7-extension-for-klaviyo-plugin-1-0-5-reflected-xss-via-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


(22) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : patchstack.com

Vulnerability ID : CVE-2023-24416

First published on : 23-02-2024 12:15:45
Last modified on : 23-02-2024 16:14:43

Description :
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7.

CVE ID : CVE-2023-24416
Source : audit@patchstack.com
CVSS Score : 6.8

References :
https://patchstack.com/database/vulnerability/all-in-one-favicon/wordpress-all-in-one-favicon-plugin-4-7-arbitrary-file-deletion-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-25915

First published on : 23-02-2024 12:15:46
Last modified on : 23-02-2024 16:14:43

Description :
Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2.

CVE ID : CVE-2024-25915
Source : audit@patchstack.com
CVSS Score : 4.9

References :
https://patchstack.com/database/vulnerability/wp-pexels-free-stock-photos/wordpress-pexels-free-stock-photos-plugin-1-2-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Source : vuldb.com

Vulnerability ID : CVE-2024-1781

First published on : 23-02-2024 01:15:52
Last modified on : 23-02-2024 02:42:54

Description :
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. The identifier VDB-254573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-1781
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/Icycu123/X6000R-AX3000-Wifi-6-Giga/blob/main/2/X6000R%20AX3000%20WiFi%206%20Giga%E7%84%A1%E7%B7%9A%E8%B7%AF%E7%94%B1%E5%99%A8%E6%9C%AA%E6%8E%88%E6%9D%83rce.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254573 | source : cna@vuldb.com
https://vuldb.com/?id.254573 | source : cna@vuldb.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2024-1821

First published on : 23-02-2024 16:15:47
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file police_add.php. The manipulation of the argument police_name/police_id/police_spec/password leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-254609 was assigned to this vulnerability.

CVE ID : CVE-2024-1821
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/jxp98/VulResearch/blob/main/2024/02/2Crime%20Reporting%20System%20-%20SQL%20Injection-police_add.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254609 | source : cna@vuldb.com
https://vuldb.com/?id.254609 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1823

First published on : 23-02-2024 16:15:48
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254611.

CVE ID : CVE-2024-1823
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://docs.qq.com/doc/DYll0ZEFKcUdGYlNr | source : cna@vuldb.com
https://vuldb.com/?ctiid.254611 | source : cna@vuldb.com
https://vuldb.com/?id.254611 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-1818

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /uploads/ of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254606 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1818
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://drive.google.com/file/d/1EqHqZXfxhNkrDXNfx7wglpxaa5ZlPbx4/view?usp=drive_link | source : cna@vuldb.com
https://vuldb.com/?ctiid.254606 | source : cna@vuldb.com
https://vuldb.com/?id.254606 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1819

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254607.

CVE ID : CVE-2024-1819
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://drive.google.com/file/d/12sNvBJ7wYjZ-2NBLdyG4e-L8sOO-zrbK/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.254607 | source : cna@vuldb.com
https://vuldb.com/?id.254607 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1825

First published on : 23-02-2024 17:15:08
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability, which was classified as problematic, was found in CodeAstro House Rental Management System 1.0. This affects an unknown part of the component User Registration Page. The manipulation of the argument address with the input <img src="1" onerror="console.log(1)"> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254613 was assigned to this vulnerability.

CVE ID : CVE-2024-1825
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://docs.qq.com/doc/DYndSY3V4UXh4dHFC | source : cna@vuldb.com
https://vuldb.com/?ctiid.254613 | source : cna@vuldb.com
https://vuldb.com/?id.254613 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : silabs.com

Vulnerability ID : CVE-2023-51392

First published on : 23-02-2024 17:15:07
Last modified on : 23-02-2024 19:31:25

Description :
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.

CVE ID : CVE-2023-51392
Source : product-security@silabs.com
CVSS Score : 6.2

References :
https://community.silabs.com/068Vm000001BKm6 | source : product-security@silabs.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2023-51393

First published on : 23-02-2024 20:15:51
Last modified on : 23-02-2024 20:15:51

Description :
Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network.

CVE ID : CVE-2023-51393
Source : product-security@silabs.com
CVSS Score : 5.3

References :
https://community.silabs.com/068Vm000001NaAM | source : product-security@silabs.com

Vulnerability : CWE-400
Vulnerability : CWE-770


Vulnerability ID : CVE-2023-51394

First published on : 23-02-2024 20:15:51
Last modified on : 23-02-2024 20:15:51

Description :
High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash.

CVE ID : CVE-2023-51394
Source : product-security@silabs.com
CVSS Score : 5.3

References :
https://community.silabs.com/068Vm000001NL4u | source : product-security@silabs.com

Vulnerability : CWE-476


Source : wordfence.com

Vulnerability ID : CVE-2024-1779

First published on : 23-02-2024 07:15:49
Last modified on : 23-02-2024 16:14:43

Description :
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_status() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter the message read status of messages.

CVE ID : CVE-2024-1779
Source : security@wordfence.com
CVSS Score : 5.3

References :
https://plugins.trac.wordpress.org/browser/admin-side-data-storage-for-contact-form-7/trunk/inc/admin/class.ztdcfcf.admin.action.php#L213 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/52e4f79f-1148-4530-8d78-377a7365978a?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1590

First published on : 23-02-2024 10:15:07
Last modified on : 23-02-2024 16:14:43

Description :
The Page Builder: Pagelayer โ€“ Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Widget in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-1590
Source : security@wordfence.com
CVSS Score : 4.6

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3039750%40pagelayer&new=3039750%40pagelayer&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e635dfb3-002d-4197-b14a-0136a1990a75?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1777

First published on : 23-02-2024 07:15:48
Last modified on : 23-02-2024 16:14:43

Description :
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2024-1777
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/browser/admin-side-data-storage-for-contact-form-7/trunk/inc/admin/inc/settings.php#L301 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/b411a97b-2f1c-4feb-b1c7-bc5a1aab7f33?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1778

First published on : 23-02-2024 07:15:48
Last modified on : 23-02-2024 16:14:43

Description :
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_bookmark() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter bookmark statuses.

CVE ID : CVE-2024-1778
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/browser/admin-side-data-storage-for-contact-form-7/trunk/inc/admin/class.ztdcfcf.admin.action.php#L235 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/d74040d0-1fee-4906-af6f-a5d842c42fd4?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1360

First published on : 23-02-2024 11:15:08
Last modified on : 23-02-2024 16:14:43

Description :
The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.94. This is due to missing or incorrect nonce validation on the colibriwp_install_plugin() function. This makes it possible for unauthenticated attackers to install recommended plugins via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2024-1360
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://themes.trac.wordpress.org/changeset/218308/colibri-wp/1.0.101/inc/src/PluginsManager.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/db56844f-9988-4f6a-ba1d-f190ff009f2b?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1361

First published on : 23-02-2024 11:15:08
Last modified on : 23-02-2024 16:14:43

Description :
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the apiCall() function. This makes it possible for unauthenticated attackers to call a limited set of functions that can be used to import images, delete posts, or save theme data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2024-1361
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/extend-builder/api/api.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/233a29f5-12bf-4849-9b28-4458a0b0c940?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1362

First published on : 23-02-2024 11:15:08
Last modified on : 23-02-2024 16:14:43

Description :
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cp_shortcode_refresh() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2024-1362
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/src/PageBuilder.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a5e7a994-c489-4aea-a9bb-898bc92cae4e?source=cve | source : security@wordfence.com


Source : microsoft.com

Vulnerability ID : CVE-2024-21423

First published on : 23-02-2024 22:15:54
Last modified on : 23-02-2024 22:15:54

Description :
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE ID : CVE-2024-21423
Source : secure@microsoft.com
CVSS Score : 4.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21423 | source : secure@microsoft.com


Source : github.com

Vulnerability ID : CVE-2024-25629

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.

CVE ID : CVE-2024-25629
Source : security-advisories@github.com
CVSS Score : 4.4

References :
https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183 | source : security-advisories@github.com
https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q | source : security-advisories@github.com

Vulnerability : CWE-127


Source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c

Vulnerability ID : CVE-2024-27319

First published on : 23-02-2024 18:15:50
Last modified on : 23-02-2024 19:31:25

Description :
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

CVE ID : CVE-2024-27319
Source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c
CVSS Score : 4.4

References :
https://github.com/onnx/onnx/commit/08a399ba75a805b7813ab8936b91d0e274b08287 | source : 6f8de1f0-f67e-45a6-b68f-98777fdb759c

Vulnerability : CWE-125


Source : m-files.com

Vulnerability ID : CVE-2024-0563

First published on : 23-02-2024 09:15:22
Last modified on : 23-02-2024 16:14:43

Description :
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.

CVE ID : CVE-2024-0563
Source : security@m-files.com
CVSS Score : 4.3

References :
https://www.m-files.com/about/trust-center/security-advisories/cve-2024-0563/ | source : security@m-files.com

Vulnerability : CWE-400


(4) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-1784

First published on : 23-02-2024 01:15:53
Last modified on : 23-02-2024 02:42:54

Description :
A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this vulnerability is an unknown functionality of the file main_admin.php. The manipulation of the argument tab_group leads to sql injection. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-1784
Source : cna@vuldb.com
CVSS Score : 3.9

References :
https://github.com/liyako/vulnerability/blob/main/POC/Limbas-Blind-SQL-injection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.254575 | source : cna@vuldb.com
https://vuldb.com/?id.254575 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1834

First published on : 23-02-2024 20:15:52
Last modified on : 23-02-2024 20:15:52

Description :
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as problematic. This affects an unknown part of the file ?page=attendance&class_id=1. The manipulation of the argument class_date with the input 2024-02-23%22%3E%3Cscript%3Ealert(1)%3C/script%3E leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254625 was assigned to this vulnerability.

CVE ID : CVE-2024-1834
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-Student-Attendance-System.md#2pageattendancexss | source : cna@vuldb.com
https://vuldb.com/?ctiid.254625 | source : cna@vuldb.com
https://vuldb.com/?id.254625 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1822

First published on : 23-02-2024 16:15:47
Last modified on : 23-02-2024 19:31:25

Description :
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254610 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1822
Source : cna@vuldb.com
CVSS Score : 2.4

References :
https://drive.google.com/file/d/1ulzFlRqsex39dDUOFU2LbmphrQblSAwn/view?usp=drive_link | source : cna@vuldb.com
https://vuldb.com/?ctiid.254610 | source : cna@vuldb.com
https://vuldb.com/?id.254610 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : hcl.com

Vulnerability ID : CVE-2023-37540

First published on : 23-02-2024 07:15:47
Last modified on : 23-02-2024 16:14:43

Description :
Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.

CVE ID : CVE-2023-37540
Source : psirt@hcl.com
CVSS Score : 3.9

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082 | source : psirt@hcl.com


(79) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : wpscan.com

Vulnerability ID : CVE-2023-4826

First published on : 23-02-2024 10:15:07
Last modified on : 23-02-2024 16:14:43

Description :
The SocialDriver WordPress theme before version 2024 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties resulting in a cross-site scripting (XSS) attack.

CVE ID : CVE-2023-4826
Source : contact@wpscan.com
CVSS Score : /

References :
http://socialdriver.com | source : contact@wpscan.com
https://wpscan.com/vulnerability/99ec0add-8f4d-4d68-91aa-80b1631a53bf/ | source : contact@wpscan.com


Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Vulnerability ID : CVE-2024-26593

First published on : 23-02-2024 10:15:07
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and once again before reading the incoming data from the buffer. The driver is currently missing the second reset, causing the wrong portion of the block buffer to be read.

CVE ID : CVE-2024-26593
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1f8d0691c50581ba6043f009ec9e8b9f78f09d5a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/491528935c9c48bf341d8b40eabc6c4fc5df6f2c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/609c7c1cc976e740d0fed4dbeec688b3ecb5dce2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6be99c51829b24c914cef5bff6164877178e84d9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7a14b8a477b88607d157c24aeb23e7389ec3319f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d074d5ff5ae77b18300e5079c6bda6342a4d44b7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26594

First published on : 23-02-2024 14:15:45
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid.

CVE ID : CVE-2024-26594
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5e6dfec95833edc54c48605a98365a7325e5541e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6eb8015492bcc84e40646390e50a862b2c0529c9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/92e470163d96df8db6c4fa0f484e4a229edb903d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a2b21ef1ea4cf632d19b3a7cc4d4245b8e63202a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dd1de9268745f0eac83a430db7afc32cbd62e84b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52453

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume When the optional PRE_COPY support was added to speed up the device compatibility check, it failed to update the saving/resuming data pointers based on the fd offset. This results in migration data corruption and when the device gets started on the destination the following error is reported in some cases, [ 478.907684] arm-smmu-v3 arm-smmu-v3.2.auto: event 0x10 received: [ 478.913691] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000310200000010 [ 478.919603] arm-smmu-v3 arm-smmu-v3.2.auto: 0x000002088000007f [ 478.925515] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000000000000000 [ 478.931425] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000000000000000 [ 478.947552] hisi_zip 0000:31:00.0: qm_axi_rresp [error status=0x1] found [ 478.955930] hisi_zip 0000:31:00.0: qm_db_timeout [error status=0x400] found [ 478.955944] hisi_zip 0000:31:00.0: qm sq doorbell timeout in function 2

CVE ID : CVE-2023-52453
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/45f80b2f230df10600e6fa1b83b28bf1c334185e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6bda81e24a35a856f58e6a5786de579b07371603 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/be12ad45e15b5ee0e2526a50266ba1d295d26a88 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52454

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 lr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp] Call trace: process_one_work+0x174/0x3c8 worker_thread+0x2d0/0x3e8 kthread+0x104/0x110 Fix the bug by raising a fatal error if DATAL isn't coherent with the packet size. Also, the PDU length should never exceed the MAXH2CDATA parameter which has been communicated to the host in nvmet_tcp_handle_icreq().

CVE ID : CVE-2023-52454
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/24e05760186dc070d3db190ca61efdbce23afc88 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2871aa407007f6f531fae181ad252486e022df42 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4cb3cf7177ae3666be7fb27d4ad4d72a295fb02d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/70154e8d015c9b4fb56c1a2ef1fc8b83d45c7f68 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ee5e7632e981673f42a50ade25e71e612e543d9d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/efa56305908ba20de2104f1b8508c6a7401833be | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f775f2621c2ac5cc3a0b3a64665dad4fb146e510 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52455

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up corrupting the IOVA rbtree with an entry which has pfn_hi < pfn_lo. If we intend to use display driver in kernel without framebuffer then it's causing the display IOMMU mappings to fail as entire valid IOVA space is reserved when address and length are passed as 0. An ideal solution would be firmware removing the "iommu-addresses" property and corresponding "memory-region" if display is not present. But the kernel should be able to handle this by checking for size of IOVA region and skipping the IOVA reservation if size is 0. Also, add a warning if firmware is requesting 0-length IOVA region reservation.

CVE ID : CVE-2023-52455
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5e23e283910c9f30248732ae0770bcb0c9438abf | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/98b8a550da83cc392a14298c4b3eaaf0332ae6ad | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bb57f6705960bebeb832142ce9abf43220c3eab1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52456

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in the middle of a transmission (for instance during userland application crash), imx_uart_shutdown disables the interface and disables the Transmission Complete interrupt. afer that, imx_uart_stop_tx bails on an incomplete transmission, to be retriggered by the TC interrupt. This interrupt is disabled and therefore the tx statemachine never transitions out of SEND. The statemachine is in deadlock now, and the TX_EN remains low, making the interface useless. imx_uart_stop_tx now checks for incomplete transmission AND whether TC interrupts are enabled before bailing to be retriggered. This makes sure the state machine handling is reached, and is properly set to WAIT_AFTER_SEND.

CVE ID : CVE-2023-52456
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52457

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback returned a non-zero value. This will be ignored. and then remove the device anyhow. So all resources that were not freed are leaked in this case. Skipping serial8250_unregister_port() has the potential to keep enough of the UART around to trigger a use-after-free. So replace the error return (and with it the little helpful error message) by a more useful error message and continue to cleanup.

CVE ID : CVE-2023-52457
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/828cd829483f0cda920710997aed79130b0af690 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/887a558d0298d36297daea039954c39940228d9b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/95e4e0031effad9837af557ecbfd4294a4d8aeee | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ad90d0358bd3b4554f243a425168fc7cebe7d04e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b502fb43f7fb55aaf07f6092ab44657595214b93 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bc57f3ef8a9eb0180606696f586a6dcfaa175ed0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d74173bda29aba58f822175d983d07c8ed335494 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52458

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If the logical block size of the disk is larger than 512 bytes, then the partition size maybe not the multiple of the logical block size, and when the last sector is read, bio_truncate() will adjust the bio size, resulting in an IO error if the size of the read command is smaller than the logical block size.If integrity data is supported, this will also result in a null pointer dereference when calling bio_integrity_free.

CVE ID : CVE-2023-52458
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5010c27120962c85d2f421d2cf211791c9603503 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6f64f866aa1ae6975c95d805ed51d7e9433a0016 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bcdc288e7bc008daf38ef0401b53e4a8bb61bbe5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cb16cc1abda18a9514106d2ac8c8d7abc0be5ed8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ef31cc87794731ffcb578a195a2c47d744e25fb8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52459

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second list_del() call results in either a warning (with CONFIG_DEBUG_LIST=y): list_del corruption, c46c8198->next is LIST_POISON1 (00000100) If CONFIG_DEBUG_LIST is disabled the operation results in a kernel error due to NULL pointer dereference.

CVE ID : CVE-2023-52459
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/49d82811428469566667f22749610b8c132cdb3e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b7062628caeaec90e8f691ebab2d70f31b7b6b91 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52460

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference at hibernate During hibernate sequence the source context might not have a clk_mgr. So don't use it to look for DML2 support.

CVE ID : CVE-2023-52460
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/6b80326efff093d037e0971831dca6ebddba9b45 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b719a9c15d52d4f56bdea8241a5d90fd9197ce99 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52461

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an allowed value. Fix the expression which sets this limit.

CVE ID : CVE-2023-52461
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1470d173925d697b497656b93f7c5bddae2e64b2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2bbe6ab2be53858507f11f99f856846d04765ae3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52462

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot_type[BPF_REG_SIZE - 1] (plus potentially few more below it, depending on actual spill size). So to check if some stack slot has spilled register we need to consult slot_type[7], not slot_type[0]. To avoid the need to remember and double-check this in the future, just use is_spilled_reg() helper.

CVE ID : CVE-2023-52462
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/2757f17972d87773b3677777f5682510f13c66ef | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/40617d45ea05535105e202a8a819e388a2b1f036 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/67e6707f07354ed1acb4e65552e97c60cf9d69cf | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8dc15b0670594543c356567a1a45b0182ec63174 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ab125ed3ec1c10ccc36bc98c7a4256ad114a3dae | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/fc3e3c50a0a4cac1463967c110686189e4a59104 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52463

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can call that. However, we never check the permission flags when someone remounts the filesystem as RW. As a result this leads to a crash looking like this: $ mount -o remount,rw /sys/firmware/efi/efivars $ efi-updatevar -f PK.auth PK [ 303.279166] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 303.280482] Mem abort info: [ 303.280854] ESR = 0x0000000086000004 [ 303.281338] EC = 0x21: IABT (current EL), IL = 32 bits [ 303.282016] SET = 0, FnV = 0 [ 303.282414] EA = 0, S1PTW = 0 [ 303.282821] FSC = 0x04: level 0 translation fault [ 303.283771] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004258c000 [ 303.284913] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000 [ 303.286076] Internal error: Oops: 0000000086000004 [#1] PREEMPT SMP [ 303.286936] Modules linked in: qrtr tpm_tis tpm_tis_core crct10dif_ce arm_smccc_trng rng_core drm fuse ip_tables x_tables ipv6 [ 303.288586] CPU: 1 PID: 755 Comm: efi-updatevar Not tainted 6.3.0-rc1-00108-gc7d0c4695c68 #1 [ 303.289748] Hardware name: Unknown Unknown Product/Unknown Product, BIOS 2023.04-00627-g88336918701d 04/01/2023 [ 303.291150] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 303.292123] pc : 0x0 [ 303.292443] lr : efivar_set_variable_locked+0x74/0xec [ 303.293156] sp : ffff800008673c10 [ 303.293619] x29: ffff800008673c10 x28: ffff0000037e8000 x27: 0000000000000000 [ 303.294592] x26: 0000000000000800 x25: ffff000002467400 x24: 0000000000000027 [ 303.295572] x23: ffffd49ea9832000 x22: ffff0000020c9800 x21: ffff000002467000 [ 303.296566] x20: 0000000000000001 x19: 00000000000007fc x18: 0000000000000000 [ 303.297531] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaac807ab54 [ 303.298495] x14: ed37489f673633c0 x13: 71c45c606de13f80 x12: 47464259e219acf4 [ 303.299453] x11: ffff000002af7b01 x10: 0000000000000003 x9 : 0000000000000002 [ 303.300431] x8 : 0000000000000010 x7 : ffffd49ea8973230 x6 : 0000000000a85201 [ 303.301412] x5 : 0000000000000000 x4 : ffff0000020c9800 x3 : 00000000000007fc [ 303.302370] x2 : 0000000000000027 x1 : ffff000002467400 x0 : ffff000002467000 [ 303.303341] Call trace: [ 303.303679] 0x0 [ 303.303938] efivar_entry_set_get_size+0x98/0x16c [ 303.304585] efivarfs_file_write+0xd0/0x1a4 [ 303.305148] vfs_write+0xc4/0x2e4 [ 303.305601] ksys_write+0x70/0x104 [ 303.306073] __arm64_sys_write+0x1c/0x28 [ 303.306622] invoke_syscall+0x48/0x114 [ 303.307156] el0_svc_common.constprop.0+0x44/0xec [ 303.307803] do_el0_svc+0x38/0x98 [ 303.308268] el0_svc+0x2c/0x84 [ 303.308702] el0t_64_sync_handler+0xf4/0x120 [ 303.309293] el0t_64_sync+0x190/0x194 [ 303.309794] Code: ???????? ???????? ???????? ???????? (????????) [ 303.310612] ---[ end trace 0000000000000000 ]--- Fix this by adding a .reconfigure() function to the fs operations which we can use to check the requested flags and deny anything that's not RO if the firmware doesn't implement SetVariable at runtime.

CVE ID : CVE-2023-52463
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0049fe7e4a85849bdd778cdb72e51a791ff3d737 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/0e8d2444168dd519fea501599d150e62718ed2fe | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2aa141f8bc580f8f9811dfe4e0e6009812b73826 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/94c742324ed7e42c5bd6a9ed22e4ec6d764db4d8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d4a714873db0866cc471521114eeac4a5072d548 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d4a9aa7db574a0da64307729cc031fb68597aa8b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52464

First published on : 23-02-2024 15:15:08
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]

CVE ID : CVE-2023-52464
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26595

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer dereference upon 'region->group->tcam' [1]. Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam(). [1] BUG: kernel NULL pointer dereference, address: 0000000000000000 [...] RIP: 0010:mlxsw_sp_acl_tcam_region_destroy+0xa0/0xd0 [...] Call Trace: mlxsw_sp_acl_tcam_vchunk_get+0x88b/0xa20 mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0 mlxsw_sp_acl_rule_add+0x47/0x240 mlxsw_sp_flower_replace+0x1a9/0x1d0 tc_setup_cb_add+0xdc/0x1c0 fl_hw_replace_filter+0x146/0x1f0 fl_change+0xc17/0x1360 tc_new_tfilter+0x472/0xb90 rtnetlink_rcv_msg+0x313/0x3b0 netlink_rcv_skb+0x58/0x100 netlink_unicast+0x244/0x390 netlink_sendmsg+0x1e4/0x440 ____sys_sendmsg+0x164/0x260 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xc0 do_syscall_64+0x40/0xe0 entry_SYSCALL_64_after_hwframe+0x63/0x6b

CVE ID : CVE-2024-26595
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/817840d125a370626895df269c50c923b79b0a39 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d0a1efe417c97a1e9b914056ee6b86f1ef75fe1f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/efeb7dfea8ee10cdec11b6b6ba4e405edbe75809 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26596

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system. static inline struct dsa_port *dsa_user_to_port(const struct net_device *dev) { struct dsa_user_priv *p = netdev_priv(dev); return p->dp; } Which is obviously bogus, because not all net_devices have a netdev_priv() of type struct dsa_user_priv. But struct dsa_user_priv is fairly small, and p->dp means dereferencing 8 bytes starting with offset 16. Most drivers allocate that much private memory anyway, making our access not fault, and we discard the bogus data quickly afterwards, so this wasn't caught. But the dummy interface is somewhat special in that it calls alloc_netdev() with a priv size of 0. So every netdev_priv() dereference is invalid, and we get this when we emit a NETDEV_PRECHANGEUPPER event with a VLAN as its new upper: $ ip link add dummy1 type dummy $ ip link add link dummy1 name dummy1.100 type vlan id 100 [ 43.309174] ================================================================== [ 43.316456] BUG: KASAN: slab-out-of-bounds in dsa_user_prechangeupper+0x30/0xe8 [ 43.323835] Read of size 8 at addr ffff3f86481d2990 by task ip/374 [ 43.330058] [ 43.342436] Call trace: [ 43.366542] dsa_user_prechangeupper+0x30/0xe8 [ 43.371024] dsa_user_netdevice_event+0xb38/0xee8 [ 43.375768] notifier_call_chain+0xa4/0x210 [ 43.379985] raw_notifier_call_chain+0x24/0x38 [ 43.384464] __netdev_upper_dev_link+0x3ec/0x5d8 [ 43.389120] netdev_upper_dev_link+0x70/0xa8 [ 43.393424] register_vlan_dev+0x1bc/0x310 [ 43.397554] vlan_newlink+0x210/0x248 [ 43.401247] rtnl_newlink+0x9fc/0xe30 [ 43.404942] rtnetlink_rcv_msg+0x378/0x580 Avoid the kernel oops by dereferencing after the type check, as customary.

CVE ID : CVE-2024-26596
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/844f104790bd69c2e4dbb9ee3eba46fde1fcea7b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dbd909c20c11f0d29c0054d41e0d1f668a60e8c8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26597

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: ================================================================== BUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline] BUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600 Read of size 1 at addr ffffffff92c438d0 by task syz-executor.6/84207 CPU: 0 PID: 84207 Comm: syz-executor.6 Tainted: G N 6.1.0 #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x172/0x475 mm/kasan/report.c:395 kasan_report+0xbb/0x1c0 mm/kasan/report.c:495 validate_nla lib/nlattr.c:386 [inline] __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600 __nla_parse+0x3e/0x50 lib/nlattr.c:697 nla_parse_nested_deprecated include/net/netlink.h:1248 [inline] __rtnl_newlink+0x50a/0x1880 net/core/rtnetlink.c:3485 rtnl_newlink+0x64/0xa0 net/core/rtnetlink.c:3594 rtnetlink_rcv_msg+0x43c/0xd70 net/core/rtnetlink.c:6091 netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline] netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345 netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg+0x154/0x190 net/socket.c:734 ____sys_sendmsg+0x6df/0x840 net/socket.c:2482 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2536 __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fdcf2072359 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fdcf13e3168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007fdcf219ff80 RCX: 00007fdcf2072359 RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 RBP: 00007fdcf20bd493 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fffbb8d7bdf R14: 00007fdcf13e3300 R15: 0000000000022000 </TASK> The buggy address belongs to the variable: rmnet_policy+0x30/0xe0 The buggy address belongs to the physical page: page:0000000065bdeb3c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x155243 flags: 0x200000000001000(reserved|node=0|zone=2) raw: 0200000000001000 ffffea00055490c8 ffffea00055490c8 0000000000000000 raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffffffff92c43780: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 00 07 ffffffff92c43800: f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9 06 f9 f9 f9 >ffffffff92c43880: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 ^ ffffffff92c43900: 00 00 00 00 00 00 00 00 07 f9 f9 f9 f9 f9 f9 f9 ffffffff92c43980: 00 00 00 07 f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9 According to the comment of `nla_parse_nested_deprecated`, the maxtype should be len(destination array) - 1. Hence use `IFLA_RMNET_MAX` here.

CVE ID : CVE-2024-26597
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/02467ab8b404d80429107588e0f3425cf5fcd2e5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/093dab655808207f7a9f54cf156240aeafc70590 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/17d06a5c44d8fd2e8e61bac295b09153496f87e1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2295c22348faf795e1ccdf618f6eb7afdb2f7447 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3b5254862258b595662a0ccca6e9eeb88d6e7468 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b33fb5b801c6db408b774a68e7c8722796b59ecc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c4734535034672f59f2652e1e0058c490da62a5c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ee1dc3bf86f2df777038506b139371a9add02534 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26598

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command. The root of the problem is that vgic_its_check_cache() does not elevate the refcount on the vgic_irq before dropping the lock that serializes refcount changes. Have vgic_its_check_cache() raise the refcount on the returned vgic_irq and add the corresponding decrement after queueing the interrupt.

CVE ID : CVE-2024-26598
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26599

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1].

CVE ID : CVE-2024-26599
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/7b85554c7c2aee91171e038e4d5442ffa130b282 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a297d07b9a1e4fb8cda25a4a2363a507d294b7c9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bae45b7ebb31984b63b13c3519fd724b3ce92123 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e5f2b4b62977fb6c2efcbc5779e0c9dce18215f7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Source : mitre.org

Vulnerability ID : CVE-2024-22776

First published on : 23-02-2024 15:15:09
Last modified on : 23-02-2024 16:14:43

Description :
Wallos 0.9 is vulnerable to Cross Site Scripting (XSS) in all text-based input fields without proper validation, excluding those requiring specific formats like date fields.

CVE ID : CVE-2024-22776
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ellite/Wallos | source : cve@mitre.org
https://webity-luescher.notion.site/webity-luescher/Wallos-v0-9-to-v1-2-2-CVE-2024-22776-Stored-XSS-Vulnerability-in-all-text-based-input-fields-6622fb4cfbe0430aa0b1d4b3edcb67b0 | source : cve@mitre.org


Vulnerability ID : CVE-2024-24309

First published on : 23-02-2024 22:15:54
Last modified on : 23-02-2024 22:15:54

Description :
In the module "Survey TMA" (ecomiz_survey_tma) up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction.

CVE ID : CVE-2024-24309
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2024/02/20/ecomiz_survey_tma.html | source : cve@mitre.org
https://www.ecomiz.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-24310

First published on : 23-02-2024 22:15:54
Last modified on : 23-02-2024 22:15:54

Description :
In the module "Generate barcode on invoice / delivery slip" (ecgeneratebarcode) from Ether Creation <= 1.2.0 for PrestaShop, a guest can perform SQL injection.

CVE ID : CVE-2024-24310
Source : cve@mitre.org
CVSS Score : /

References :
https://addons.prestashop.com/en/preparation-shipping/24123-generate-barcode-on-invoice-delivery-slip.html | source : cve@mitre.org
https://security.friendsofpresta.org/modules/2024/02/20/ecgeneratebarcode.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-25730

First published on : 23-02-2024 22:15:55
Last modified on : 23-02-2024 22:15:55

Description :
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy (only about one million possibilities).

CVE ID : CVE-2024-25730
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/actuator/cve/blob/main/Hitron/CVE-2024-25730 | source : cve@mitre.org
https://i.ebayimg.com/images/g/I-8AAOSwGE9lsGwI/s-l1600.webp | source : cve@mitre.org
https://i.ebayimg.com/images/g/MwMAAOSwjTFk3kpd/s-l1600.webp | source : cve@mitre.org
https://i.ebayimg.com/images/g/VDcAAOSwlodlSuz4/s-l1600.webp | source : cve@mitre.org
https://i.ebayimg.com/images/g/XaAAAOSwvMNkuESk/s-l1600.webp | source : cve@mitre.org
https://i.ebayimg.com/images/g/hzUAAOSwUwVllGMZ/s-l1600.webp | source : cve@mitre.org
https://i.ebayimg.com/images/g/qK8AAOSwbr9lq3PJ/s-l1600.webp | source : cve@mitre.org


Source : apache.org

Vulnerability ID : CVE-2024-23320

First published on : 23-02-2024 17:15:08
Last modified on : 23-02-2024 19:31:25

Description :
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This issue affects Apache DolphinScheduler: until 3.2.1. Users are recommended to upgrade to version 3.2.1, which fixes the issue.

CVE ID : CVE-2024-23320
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2024/02/23/3 | source : security@apache.org
https://github.com/apache/dolphinscheduler/pull/15487 | source : security@apache.org
https://lists.apache.org/thread/25qhfvlksozzp6j9y8ozznvjdjp3lxqq | source : security@apache.org
https://lists.apache.org/thread/p7rwzdgrztdfps8x1bwx646f1mn0x6cp | source : security@apache.org
https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm | source : security@apache.org

Vulnerability : CWE-20


Source : intel.com

Vulnerability ID : CVE-2021-33072

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33072
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33084

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33084
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33085

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33085
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33099

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33099
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33100

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33100
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33102

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33102
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33109

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33109
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33111

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33111
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33112

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33112
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33116

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33116
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33121

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33121
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33125

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33125
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33127

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33127
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33131

First published on : 23-02-2024 21:15:08
Last modified on : 23-02-2024 21:15:08

Description :

CVE ID : CVE-2021-33131
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33132

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33132
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33133

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33133
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33134

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33134
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33136

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33136
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33138

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33138
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33140

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33140
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33141

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33141
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33142

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33142
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33143

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33143
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33144

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33144
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33145

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33145
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33146

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33146
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33148

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33148
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33151

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33151
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33152

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33152
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33153

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33153
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33154

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33154
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33156

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33156
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33157

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33157
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33158

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33158
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33160

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33160
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33161

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33161
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33162

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33162
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33163

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33163
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33165

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33165
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-33167

First published on : 23-02-2024 21:15:09
Last modified on : 23-02-2024 21:15:09

Description :

CVE ID : CVE-2021-33167
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-37405

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-37405
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-3885

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-3885
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41851

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41851
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41852

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41852
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41853

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41853
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41854

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41854
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41855

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41855
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41856

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41856
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41857

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41857
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41858

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41858
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41859

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41859
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-41860

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-41860
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-43351

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-43351
Source : secure@intel.com
CVSS Score : /

References :


Vulnerability ID : CVE-2021-44457

First published on : 23-02-2024 21:15:10
Last modified on : 23-02-2024 21:15:10

Description :

CVE ID : CVE-2021-44457
Source : secure@intel.com
CVSS Score : /

References :


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.