CVE-2024-54134 – @solana/web3.js modified package published to npm, containing malware that exfiltrates private key material
https://notcve.org/view.php?id=CVE-2024-54134
Estas dos versiones no autorizadas (1.95.6 y 1.95.7) fueron detectadas en cuestión de horas y desde entonces se han anulado. • https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-jcxm-7wvp-g6p5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-53131 – nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
https://notcve.org/view.php?id=CVE-2024-53131
Esta serie corrige errores de desreferencia de puntero nulo que ocurren al usar nilfs2 y dos puntos de seguimiento relacionados con bloques. • https://git.kernel.org/stable/c/5305cb830834549b9203ad4d009ad5483c5e293f https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9 https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636 https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423 https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9 https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665 https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe1 •
CVE-2024-8894 – Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10
https://notcve.org/view.php?id=CVE-2024-8894
This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution. • https://www.opendesign.com/security-advisories • CWE-787: Out-of-bounds Write •
CVE-2024-12107 – Double Free in µD3TN
https://notcve.org/view.php?id=CVE-2024-12107
Double-Free Vulnerability in uD3TN BPv7 Caused by Malformed Endpoint Identifier allows remote attacker to reliably cause DoS La vulnerabilidad de Double-Free en uD3TN BPv7 causada por un identificador de endpoint malformado permite que un atacante remoto cause un ataque DoS de manera confiable • https://gitlab.com/d3tn/ud3tn/-/issues/233 • CWE-415: Double Free •
CVE-2024-52275 – Denial of Service on Tenda AC6V2 Due To Stack Overflow
https://notcve.org/view.php?id=CVE-2024-52275
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. Vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en Shenzhen Tenda Technology Co Tenda AC6V2 (desde los módulos WizardHandle) permite desbordamientos de búfer. Este problema afecta a Tenda AC6V2: hasta el 15.03.06.50. • https://www.tendacn.com/download/detail-3316.html https://www.tendacn.com/download/detail-3794.html https://www.vulsec.org/advisories • CWE-121: Stack-based Buffer Overflow •