EUVD-2018-10406

Malware in sbrugna...

SUSE CVE-2024-26836

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

CVE-2022-34621

Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference IDOR vulnerability which allows attackers to modify user passwords and other attributes via modification of the userid parameter...

CVE-2018-18690

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4299)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4299 advisory. - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically...

kernel: filesystem corruption due to an unchecked error condition during an xfs attribute change

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

Design/Logic Flaw

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

CVE-2018-18690

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

UBUNTU-CVE-2018-18690

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

Zimbra Collaboration Server Mail Interface Cross-Site Request Forgery Vulnerability

Zimbra Collaboration Server ZCS is a suite of email and collaboration solutions from Zimbra, USA. The solution provides email, contacts, calendaring, file sharing, social networking, and more. A cross-site request forgery vulnerability exists in the Mail interface of Zimbra Collaboration Server...

Cisco WebEx Social Client-Side Restriction Bypass Attribute Change Vulnerability

A vulnerability in the user management page of WebEx Social could allow an authenticated, remote attacker to inject arbitrary values into the Screen Name, Email Address, First Name, Middle Name, Last Name, and Job Title fields. The vulnerability is due to insufficient server-side validation of...

CVE-2012-3459

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...