CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45819 – libxl leaks data to PVH guests via ACPI tables
https://notcve.org/view.php?id=CVE-2024-45819
19 Dec 2024 — PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prior contents. PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. • https://xenbits.xenproject.org/xsa/advisory-464.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45818 – Deadlock in x86 HVM standard VGA handling
https://notcve.org/view.php?id=CVE-2024-45818
19 Dec 2024 — The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulating an instruction with two memory accesses, both of which touch VGA memory (plus some further constraints which aren't relevant here). When emulating the 2nd access, the lock that is already being held would be att... • https://xenbits.xenproject.org/xsa/advisory-463.html • CWE-667: Improper Locking •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22037 – Database password leaked by systemd uyuni-server-attestation service
https://notcve.org/view.php?id=CVE-2024-22037
28 Nov 2024 — The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users. El servicio systemd uyuni-server-attestation necesita una variable de entorno database_password. Este archivo tiene permiso 640 y no se puede mostrar a los usuarios, pero systemd sigue exponiendo el entorno a usuarios sin privilegios. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22037 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22038 – DoS attacks, information leaks etc. with crafted Git repositories in obs-scm-bridge
https://notcve.org/view.php?id=CVE-2024-22038
28 Nov 2024 — Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service. Varios problemas en obs-scm-bridge permiten a atacantes que crean repositorios git especialmente manipulados filtrar información o provocar una denegación de servicio. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22038 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49502 – Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web
https://notcve.org/view.php?id=CVE-2024-49502
28 Nov 2024 — A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1. Una vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas w... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49502 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49503 – Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web
https://notcve.org/view.php?id=CVE-2024-49503
28 Nov 2024 — A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1. Una vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o "Cross-site Scripting") en SUSE M... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49503 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-53920 – Debian Security Advisory 5871-1
https://notcve.org/view.php?id=CVE-2024-53920
27 Nov 2024 — In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on un... • https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-11694 – firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims
https://notcve.org/view.php?id=CVE-2024-11694
26 Nov 2024 — Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5. Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and D... • https://bugzilla.mozilla.org/show_bug.cgi?id=1924167 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-11691
https://notcve.org/view.php?id=CVE-2024-11691
26 Nov 2024 — Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5. Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruptio... • https://bugzilla.mozilla.org/show_bug.cgi?id=1914707 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2024-53899 – virtualenv: potential command injection via virtual environment activation scripts
https://notcve.org/view.php?id=CVE-2024-53899
24 Nov 2024 — virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system. • https://github.com/pypa/virtualenv/issues/2768 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •