Vuldb Updates

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.86/6.6.27/6.8.6. Affected by this issue is the function mlx5e_priv_init. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-35959. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.15/6.7.3/6.8-rc2. It has been rated as critical. This issue affects the function queue_work of the component pds_core. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-26623. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.77/6.6.16/6.7.4. Affected by this issue is the function nsim_dev_trap_report_work in the library lib/debugobjects.c. The manipulation leads to infinite loop. This vulnerability is handled as CVE-2024-26681. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.110/6.6.51/6.10.10. Affected is the function mmap. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2024-47674. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SELinux 3.2. It has been declared as critical. Affected by this vulnerability is the function __cil_verify_classperms of the component CIL Compiler. The manipulation leads to use after free. This vulnerability is known as CVE-2021-36084. Access to the local network is required for this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in SELinux 3.2. It has been rated as critical. Affected by this issue is the function __cil_verify_classperms of the component CIL Compiler. The manipulation leads to use after free. This vulnerability is handled as CVE-2021-36085. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in SELinux 3.2. This affects the function cil_reset_classpermission. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2021-36086. The attack needs to be approached within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in SELinux 3.2. This vulnerability affects the function ebitmap_match_any of the component CIL Compiler. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2021-36087. The attack can only be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Apache HTTP Server 2.4.60/2.4.61. It has been rated as problematic. This issue affects some unknown processing of the component Configuration Handler. The manipulation of the argument Content-Type leads to information disclosure. The identification of this vulnerability is CVE-2024-40725. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat Enterprise Linux and OpenShift Container Platform. It has been rated as problematic. This issue affects some unknown processing of the component Bind-propagation Option. The manipulation of the argument mount leads to improper input validation. The identification of this vulnerability is CVE-2024-9407. Local access is required to approach this attack. There is no exploit available.

A vulnerability has been found in Adobe Acrobat Reader up to 11.0.15/15.006 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2016-1126. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel 2.6.16.9. Affected is the function sctp_process_unk_param. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2010-1173. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 11.0.15/15.006. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2016-1125. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 11.0.15/15.006. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-1124. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 11.0.15/15.006. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-1123. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in cosign up to 2.0.2. Affected is an unknown function. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2007-2233. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Anchor Episodes Index Plugin up to 2.1.10 on WordPress. It has been classified as problematic. Affected is the function anchor_episodes of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-10189. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in WP-Members Membership Plugin up to 3.4.9.5 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9231. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Adobe Acrobat Reader up to 11.0.15/15.006. This affects an unknown part. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2016-1122. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Acrobat Reader up to 11.0.15/15.006. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2016-1121. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.