Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release

The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.2 - Red Hat Trusted Artifact Signer Release

The 1.3.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release

The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

EUVD-2023-45033

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release

The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.2 The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18...

RHSA-2025:10098 Red Hat Security Advisory: Red Hat Product OCP Tools 4.16 OpenShift Jenkins security update

Bulletin has no description...

CVE-2022-47607

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Usersnap plugin = 4.16 versions...

CVE-2022-47607 WordPress Usersnap Plugin <= 4.16 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Usersnap plugin = 4.16 versions...

CVE-2022-46650

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page...

PT-2022-35719 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.264 Description: The issue concerns error handling in the netsec register mdio function. It was introduced in version v4.16 and fixed in version v4.19.264. The actual impact and attack plausibility have no...

PT-2022-14183 · WordPress · Copyrightpro

Name of the Vulnerable Software and Affected Versions: Copyright Proof WordPress plugin versions 4.16 and earlier Description: The issue concerns a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being output via an AJAX action...

GSD-2022-1004828 virtio_net: fix xdp_rxq_info bug after suspend/resume

virtionet: fix xdprxqinfo bug after suspend/resume This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.250 by commit...

Copyright Proof <= 4.16 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled. To make it easier to verify the vulnerability without the nee...

CKEditor 4.0 < 4.16 Multiple ReDoS Vulnerabilities - Windows

CKEditor is prone to multiple regular expression denial of service ReDoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

CVE-2019-3887

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash t...

UBUNTU-CVE-2019-3887

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash t...

AZL-6518 CVE-2018-16880 affecting package kernel for versions less than 5.10.78.1-1

A flaw was found in the Linux kernel's handlerx function in the vhostnet driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the...

CVE-2000-0455

CVE-2000-0455: A buffer overflow in the xlockmore xlock program (versions 4.16 and earlier) allows local users to read sensitive data from memory via a long -mode option. Affected component is xlockmore; root cause is a memory safety overrun in handling the -mode argument. Impact documented as pa...