UBUNTU-CVE-2022-1552

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activated relevant protections too late or no...

PT-2022-2514 · Unknown +11 · Postgresql +10

Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: A flaw was found in PostgreSQL related to incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRES...

AMD Processors 安全漏洞

AMD Processors is a processor from AMD. A security vulnerability exists in AMD Processors that stems from a failure to refresh the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU, which can cause an IO device to write to memory it cannot access, resulting in a loss of...

In GenericMinerV2 get more reward by staking in votingEscrow and calling syncStake()

Lines of code Vulnerability details Impact User can withdraw & deposit in votingEscrow contract and then call syncStake function of VotingMinerV2 to update his stake and stakeWithBoost with his new balance, and then he can call releaseRewards to get more reward than he spoused to. Proof of Concep...

Unbreakable Enterprise kernel security update

4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2989, CVE-2019-2978, CVE-2019-2983)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2769, CVE-2019-2762, CVE-2019-2816).

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Frequently Overlooked Settings to Improve Graphics Performance for XenApp, XenDesktop, Receiver Technologies

This article provides an overview of frequently overlooked or misconfigured settings that can be used to enhance graphics performance in XenDesktop, XenApp, and the Citrix Receiver. Background Throughout the life of XenApp and XenDesktop, the combination of many factors such as the architecture o...

Security Bulletin: Vulnerability in IBM Java JRE affects IBM InfoSphere Identity Insight (CVE-2021-35578)

Summary A vulnerability in the IBM Java JRE affects IBM InfoSphere Identity Insight. An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors...

SUSE: Security Advisory (SUSE-SU-2022:1025-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:1027-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...

OPENSUSE-SU-2022:1027-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...

SUSE-SU-2022:1026-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...

SUSE-SU-2022:1025-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Update Java 7.1 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...

Security update for java-1_8_0-ibm (important)

openSUSE Security Update: Security update for java-180-ibm Announcement ID: openSUSE-SU-2022:1027-1 Rating: important References: 1194925 1194926 1194927 1194928 1194929 1194930 1194931 1194932 1194933 1194934 1194935 1194937 1194939 1194940 1194941 1195146 1196500 1197126 Cross-References:...

CVE-2022-0833

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...

Cross site request forgery (csrf)

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...

PT-2022-13457 · WordPress · Church Admin

Name of the Vulnerable Software and Affected Versions: Church Admin WordPress plugin versions prior to 3.4.135 Description: The issue allows unauthenticated attackers to exploit the lack of authorization and CSRF protection in certain actions and requested files. This enables them to repeatedly...

SUSE-SU-2022:14927-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Update Java 7.1 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...

SUSE-SU-2022:14926-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: Update Java 7.0 to Service Refresh 11 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,...