JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199)
What are the Vulnerabilities? Two new vulnerabilities affecting JetBrains TeamCity CI/CD server have been identified and tagged as CVE-2024-27198 and CVE-2024-27199. The most severe of...
USN-6693-1: .NET vulnerability
It was discovered that .NET did not properly handle certain specially crafted requests. An attacker could potentially use this issue to cause a resource leak,...
Critical Patches Issued for Microsoft Products, March 13, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged...
USN-6692-1: Gson vulnerability
It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially...
LSN-0101-1: Kernel Live Patch Security Notice
Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a...
USN-6691-1: OVN vulnerability
It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic....
USN-6690-1: Open vSwitch vulnerabilities
Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A...
USN-6656-2: PostgreSQL vulnerability
USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS Original advisory details: It was discovered that PostgreSQL incorrectly...
USN-6689-1: Rack vulnerabilities
It was discovered that Rack incorrectly parse some headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-27539, CVE-2024-26141, CVE-2024-26146)...
ZDI-24-290: NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that...