Information Disclosure

13972 CVEs technique

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

CVE-2024-47834 CRITICAL PATCH Act Now

A use-after-free vulnerability in GStreamer's Matroska demuxer allows remote attackers to cause denial of service or potentially disclose sensitive information by sending specially crafted Matroska media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing CodecPrivate elements in Matroska streams. No active exploitation has been reported (not in KEV), and no public proof-of-concept exists, though the network-accessible nature and low complexity make it a credible threat.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47778 HIGH PATCH This Week

An out-of-bounds read vulnerability exists in GStreamer's WAV parser that allows remote attackers to read up to 4GB of process memory or cause a denial of service through crashes. The vulnerability affects GStreamer versions prior to 1.24.10 and requires no authentication to exploit over the network. With an EPSS score of only 0.08%, real-world exploitation appears limited, and no known proof-of-concept or active exploitation has been reported.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 7.5
EPSS: 0.1%
CVE-2024-47777 CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to read 4 bytes of memory beyond buffer boundaries when processing specially crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can lead to information disclosure or application crashes when parsing malicious media files. While no active exploitation has been reported and the vulnerability is not listed in CISA's KEV catalog, the network-based attack vector and lack of authentication requirements make this a significant security concern for applications using GStreamer for media processing.

Information Disclosure Buffer Overflow Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47776 CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing maliciously crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible media processing applications. While no active exploitation has been observed in the wild (not in KEV), the vulnerability has a high CVSS score of 9.1 and detailed technical analysis is publicly available.

Denial Of Service Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47775 CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing malformed WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible applications using the library. While no public exploits or KEV listings exist, the high CVSS score of 9.1 reflects the potential for both denial of service and information disclosure impacts.

Denial Of Service Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47615 CRITICAL PATCH Act Now

A critical out-of-bounds write vulnerability exists in GStreamer's Vorbis parser that allows remote code execution by processing malicious media files. The flaw affects all GStreamer versions prior to 1.24.10 and enables attackers to overwrite up to 380 bytes of memory beyond array boundaries, potentially leading to arbitrary code execution without authentication. The vulnerability has been assigned a CVSS score of 9.8, indicating critical severity with network-based exploitation possible.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 9.8
EPSS: 0.1%
CVE-2024-47598 CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's qtdemux component that allows reading 4 bytes beyond allocated memory boundaries when processing media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be exploited remotely without authentication to potentially expose sensitive information or cause application crashes. With a CVSS score of 9.1 and network-based attack vector, this represents a significant risk for applications using GStreamer for media processing, though no active exploitation or public proof-of-concept has been reported.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47597 CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's MP4 demuxer that allows remote attackers to read up to 8 bytes beyond allocated memory boundaries when processing malformed MP4 files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by serving a malicious MP4 file, potentially exposing sensitive memory contents or causing application crashes. A proof-of-concept file (GHSL-2024-245_crash1.mp4) has been publicly disclosed, and while not currently in CISA's KEV catalog, the vulnerability has a critical CVSS score of 9.1.

Information Disclosure Buffer Overflow Denial Of Service Gstreamer
NVD GitHub
CVSS 3.1: 9.1
EPSS: 0.1%
CVE-2024-47596 HIGH PATCH This Week

An out-of-bounds read vulnerability in GStreamer's QuickTime demuxer allows remote attackers to read up to 4GB of process memory or crash the application when processing malformed media files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by supplying specially crafted QuickTime files. The vulnerability is not currently in CISA's Known Exploited Vulnerabilities catalog, and the low EPSS score of 0.08% suggests limited exploitation in the wild despite the availability of detailed technical advisories.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 7.5
EPSS: 0.1%
CVE-2024-47543 HIGH PATCH This Week

An out-of-bounds read vulnerability exists in GStreamer's QuickTime demuxer (qtdemux.c) that allows attackers to read up to 4GB of process memory or trigger a denial of service via crafted media files. GStreamer versions prior to 1.24.10 are affected. With an EPSS score of only 0.08% (24th percentile), active exploitation appears unlikely despite the network-accessible attack vector and lack of required privileges.

Buffer Overflow Information Disclosure Denial Of Service Gstreamer
NVD GitHub
CVSS 3.1: 7.5
EPSS: 0.1%
CVE-2024-47541 HIGH POC PATCH This Week

An out-of-bounds write vulnerability exists in GStreamer's SSA subtitle parser (gstssaparse.c) that occurs when malformed SubStation Alpha style override codes contain a closing curly bracket before an opening bracket. This triggers progressively larger memory writes via memmove(), leading to memory corruption and denial of service. A public proof-of-concept exploit is available from GitHub Security Lab (GHSL-2024-228), though the EPSS score remains relatively low at 0.09% (25th percentile), indicating limited observed exploitation activity in the wild.

Information Disclosure Gstreamer
NVD GitHub
CVSS 3.1: 7.5
EPSS: 0.1%
CVE-2024-52616 MEDIUM This Month

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1: 5.3
EPSS: 0.1%
CVE-2024-49998 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: "net: dsa: improve shutdown sequence". Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1: 4.7
EPSS: 0.0%
CVE-2024-9676 MEDIUM This Month

A denial of service vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Denial Of Service Information Disclosure Linux Docker Path Traversal
NVD GitHub
CVSS 3.1: 6.5
EPSS: 1.3%
CVE-2024-9407 Go MEDIUM PATCH This Month

CVE-2024-9407 is a security vulnerability (CVSS 4.7). Remediation should follow standard vulnerability management procedures.

Information Disclosure Docker
NVD GitHub
CVSS 3.1: 4.7
EPSS: 0.0%
CVE-2024-7341 Maven HIGH PATCH This Month

A session fixation issue was discovered in the SAML adapters provided by Keycloak. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Session Fixation Information Disclosure Keycloak Single Sign On Build Of Keycloak
NVD GitHub
CVSS 3.1: 7.1
EPSS: 1.7%
CVE-2024-45391 npm HIGH PATCH This Week

High-severity information disclosure vulnerability in Tina CMS's CLI tool (versions before 1.6.2) that exposes search tokens in the tina-lock.json file, allowing unauthorized access to sensitive authentication credentials. Attackers can exploit this remotely without authentication to steal search tokens from affected websites. With an EPSS score of 0.25%, real-world exploitation likelihood is relatively low despite the high CVSS score.

Information Disclosure
NVD GitHub
CVSS 3.1: 7.5
EPSS: 0.3%

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. No vendor patch available.

Information Disclosure
NVD

EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

A use-after-free vulnerability in GStreamer's Matroska demuxer allows remote attackers to cause denial of service or potentially disclose sensitive information by sending specially crafted Matroska media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing CodecPrivate elements in Matroska streams. No active exploitation has been reported (not in KEV), and no public proof-of-concept exists, though the network-accessible nature and low complexity make it a credible threat.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An out-of-bounds read vulnerability exists in GStreamer's WAV parser that allows remote attackers to read up to 4GB of process memory or cause a denial of service through crashes. The vulnerability affects GStreamer versions prior to 1.24.10 and requires no authentication to exploit over the network. With an EPSS score of only 0.08%, real-world exploitation appears limited, and no known proof-of-concept or active exploitation has been reported.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to read 4 bytes of memory beyond buffer boundaries when processing specially crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can lead to information disclosure or application crashes when parsing malicious media files. While no active exploitation has been reported and the vulnerability is not listed in CISA's KEV catalog, the network-based attack vector and lack of authentication requirements make this a significant security concern for applications using GStreamer for media processing.

Information Disclosure Buffer Overflow Gstreamer
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing maliciously crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible media processing applications. While no active exploitation has been observed in the wild (not in KEV), the vulnerability has a high CVSS score of 9.1 and detailed technical analysis is publicly available.

Denial Of Service Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing malformed WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible applications using the library. While no public exploits or KEV listings exist, the high CVSS score of 9.1 reflects the potential for both denial of service and information disclosure impacts.

Denial Of Service Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

A critical out-of-bounds write vulnerability exists in GStreamer's Vorbis parser that allows remote code execution when an application processes malicious media files. The flaw affects all GStreamer versions prior to 1.24.10 and enables attackers to overwrite up to 380 bytes of memory beyond array boundaries, potentially leading to arbitrary code execution without authentication. The vulnerability has been assigned a CVSS score of 9.8, indicating critical severity with network-based exploitation possible.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's qtdemux component that allows reading 4 bytes beyond allocated memory boundaries when processing media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be exploited remotely without authentication to potentially expose sensitive information or cause application crashes. With a CVSS score of 9.1 and network-based attack vector, this represents a significant risk for applications using GStreamer for media processing, though no active exploitation or public proof-of-concept has been reported.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read vulnerability exists in GStreamer's MP4 demuxer that allows remote attackers to read up to 8 bytes beyond allocated memory boundaries when processing malformed MP4 files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by serving a malicious MP4 file, potentially exposing sensitive memory contents or causing application crashes. A proof-of-concept file (GHSL-2024-245_crash1.mp4) has been publicly disclosed, and while not currently in CISA's KEV catalog, the vulnerability has a critical CVSS score of 9.1.

Information Disclosure Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An out-of-bounds read vulnerability in GStreamer's QuickTime demuxer allows remote attackers to read up to 4GB of process memory or crash the application when processing malformed media files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by supplying specially crafted QuickTime files. While not currently in CISA's Known Exploited Vulnerabilities catalog, the low EPSS score of 0.08% suggests limited exploitation in the wild despite the availability of detailed technical advisories.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An out-of-bounds read vulnerability exists in GStreamer's QuickTime demuxer (qtdemux.c) that allows attackers to read up to 4GB of process memory or trigger a denial of service via crafted media files. GStreamer versions prior to 1.24.10 are affected. With an EPSS score of only 0.08% (24th percentile), active exploitation appears unlikely despite the network-accessible attack vector and lack of required privileges.

Buffer Overflow Information Disclosure Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

An out-of-bounds write vulnerability exists in GStreamer's SSA subtitle parser (gstssaparse.c) that occurs when malformed SubStation Alpha style override codes contain a closing curly bracket before an opening bracket. This triggers progressively larger memory writes via memmove(), leading to memory corruption and denial of service. A public proof-of-concept exploit is available from GitHub Security Lab (GHSL-2024-228), though the EPSS score remains relatively low at 0.09% (25th percentile), indicating limited observed exploitation activity in the wild.

Information Disclosure Gstreamer
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: "net: dsa: improve shutdown sequence". Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Linux Kernel
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A denial of service vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Denial Of Service Information Disclosure Linux +2
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

CVE-2024-9407 is a security vulnerability (CVSS 4.7). Remediation should follow standard vulnerability management procedures.

Information Disclosure Docker
NVD GitHub
EPSS 2% CVSS 7.1
HIGH PATCH This Month

A session fixation issue was discovered in the SAML adapters provided by Keycloak. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Session Fixation Information Disclosure Keycloak +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A high-severity information disclosure vulnerability in Tina CMS's CLI tool (versions before 1.6.2) exposes search tokens in the tina-lock.json file, allowing unauthorized access to sensitive authentication credentials. Attackers can exploit this remotely without authentication to steal search tokens from affected websites. With an EPSS score of 0.25%, real-world exploitation likelihood is relatively low despite the high CVSS score.

Information Disclosure
NVD GitHub