Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003863 advisory. In the Linux kernel before 4.20.8, kvmioctlcreatedevice in virt/kvm/kvmmain.c mishandles reference counting because of a race condition, leading to a use-after-free...

CVE-2024-33594

Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a through 4.20.8...

PT-2024-25363 · Unknown · Leaky Paywall

Name of the Vulnerable Software and Affected Versions: Leaky Paywall versions n/a through 4.20.8 Description: The issue is related to a Missing Authorization vulnerability in Leaky Paywall. This vulnerability affects Leaky Paywall versions from n/a through 4.20.8. Recommendations: For versions n/...

WordPress Leaky Paywall Plugin <= 4.20.8 is vulnerable to Broken Access Control

Software Leaky Paywall Type Plugin Vulnerable versions = 4.20.8 Fixed in 4.20.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33594 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID a83bbae5ad9a Credits Joshua Chan Required privileg...

Atlassian Jira Service Management 4.14.x < 4.20.8 Internal Network Leakage Service-Side Request Forgery

According to its self-reported version number, the Atlassian Jira Service Desk application running on the remote host is version 4.14.x prior to 4.2.8 or 4.21.x prior to 4.22.2. It is, therefore, affected by a flaw which may allow authenticated remote attackers to access the content of internal...

SUSE CVE-2019-8956

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctpsendmsg" function net/sctp/socket.c when handling SCTPSENDALL flag can be exploited to corrupt memory...

WordPress Ajax Search Pro 代码问题漏洞

WordPress Ajax Search Pro is a search engine from WordPress. An untrusted data deserialization vulnerability exists in the import database feature of the admin panel of WordPress Ajax search pro versions prior to 4.20.8, which can be exploited by an attacker to achieve remote code execution...

[SECURITY] Fedora 28 Update: kernel-4.20.8-100.fc28

The kernel meta package...

PT-2019-1635 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 4.20.8 Linux Kernel versions prior to 4.19.21 Description: A use-after-free error in the sctp sendmsg function when handling the SCTP SENDALL flag can be exploited to corrupt memory, potentially allowing an...