161 matches found
Security Bulletin: IBM Integration Bus for z/OS webui is potentially vulnerable to a clickjacking attack (CVE-2026-1353)
Summary: IBM Integration Bus for z/OS webui is potentially vulnerable to a clickjacking attack. Vulnerability Details: CVEID: CVE-2026-1353. DESCRIPTION: IBM App Connect Enterprise could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious...
CVE-2020-1353
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414,...
Important: git
Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...
Linux Distros Unpatched Vulnerability : CVE-2022-1353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to...
Linux Distros Unpatched Vulnerability : CVE-2015-1353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it canno...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-076)
The version of kernel installed on the remote host is prior to 5.4.190-107.353. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-076 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between...
CVE-2024-1353
creationtimestamp | type | source
---|---|---
2024-02-09 02:26:25+00:00 | seen | https://t.me/ctinow/181767
2024-03-02 14:16:41+00:00 | seen | https://t.me/ctinow/198366...
CVE-2024-1353 PHPEMS index.api.php index deserialization
A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected by this issue is the function index of the file app/weixin/controller/index.api.php. The manipulation of the argument picurl leads to deserialization. The exploit has been disclosed to the public and m...
CVE-2024-1353
PHPEMS up to version 1.0 is affected by CVE-2024-1353. The vulnerability resides in the index function of app/weixin/controller/index.api.php, where manipulating the picurl argument leads to deserialization. The issue is publicly disclosed and exploitable per the sources in the connected document...
BELL-CVE-2019-1353 CVE-2019-1353 does not affect BellSoft software
Bulletin has no description...
kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work CVE-2023-1989 - proc: proc_skip_spaces shouldn't think it is working on C...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-1353)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1353 advisory. - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw...
CVE-2023-1353
creationtimestamp | type | source
---|---|---
2023-03-11 20:21:52+00:00 | seen | https://t.me/cibsecurity/59869...
CVE-2023-1353
CVE-2023-1353 affects SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. The vulnerability is a cross-site scripting (XSS) in an unknown function of the file verification.php, triggered by manipulating the txtvaccinationID parameter. Exploitation could be pe...
Amazon Linux 2 : git (ALAS-2023-1943)
The version of git installed on the remote host is prior to 2.23.1-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1943 advisory. A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite...
SUSE CVE-2019-1353
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux also known as "WSL" while accessing a working directory on a regular Windows drive, none of the NTFS...
[Important] [Security] Virtuozzo ReadyKernel Patch 153.1 for Virtuozzo Hybrid Server 7.5
The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2021-45868 3.10.0-1160.41.1.vz7.183.5 to 3.10.0-1160.80.1.vz7.191.4 Quota: check the block number when reading the block in ...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-26385)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-26385 advisory. - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain acces...
AlmaLinux 9 : kernel-rt (ALSA-2022:7933)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7933 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
Rocky Linux 8 : kernel (RLSA-2022:7110)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7110 advisory. - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local...