Lucene search

16 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in mbedtls

A timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS from version 2.23.0 allows an attacker to obtain secret key information. This issue affects the CBC mode, as it involves a calculated time difference based on the padding length...

CVSS 5.5, AI score 6.4, EPSS 0.00077
Exploits: 0, References: 1
Github Security Blog
added 2026/03/17 6:38 p.m., 3 views

Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)

Summary: A vulnerability exists in the Community Tier of Harden-Runner that allows bypassing the `egress-policy: block` network restriction using DNS over HTTPS (DoH). Harden-Runner secures GitHub Actions workflows on runners by applying network policies, including an allowed-endpoints configuration...

CVSS 4.9, AI score 6.2, EPSS 0.00107
Exploits: 0, References: 4, Affected Software: 1
CNNVD
added 2025/12/27 12:00 a.m., 2 views

PHP security vulnerability

PHP is a scripting language executed server-side by PHP Open Source. A security vulnerability exists in PHP versions prior to 8.1.34, 8.2.30, 8.3.29, 8.4.16, and 8.5.1, which stems from the getimagesize function in multi-block mode that may leak uninitialized heap memory, potentially leading to...

CVSS 7.5, AI score 6, EPSS 0.00025
Exploits: 3, References: 3
Tenable Nessus
added 2025/09/10 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2016-1864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attacker...

CVSS 5, AI score 6.4, EPSS 0.0055
Exploits: 0, References: 2
Veeam
added 2024/06/12 12:00 a.m., 15 views

Veeam Kasten for Kubernetes - vSphere Block Mode Exports Failure With Error 14009

Challenge: During vSphere block mode export, in certain situations, it might be observed that the folders/objects get created in the storage bucket. However, the export job remains stuck, and the following error message is seen in the debug logs: "Open virtual disk file failed. The error code is...

AI score 7.1
Exploits: 0
SUSE CVE
added 2024/06/11 2:05 a.m., 2 views

SUSE CVE-2024-36966

In the Linux kernel, the following vulnerability has been resolved: erofs: reliably distinguish block based and fscache mode. When erofs_kill_sb() is called in block dev based mode, s_bdev may not have been initialised yet, and if CONFIG_EROFS_FS_ONDEMAND is enabled, it will be mistaken for fscache mode,...

CVSS 5.5, AI score 6.7, EPSS 0.00033
Exploits: 0, References: 3
Oracle linux
added 2023/11/21 12:00 a.m., 41 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...

CVSS 7.1, AI score 7.8, EPSS 0.0002
Exploits: 0
OSV
added 2023/04/19 8:57 a.m., 0 views

USN-6026-1 vim vulnerabilities

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-4166 It was discovered that Vim was using freed memory when dealing...

CVSS 9.8, AI score 7.8, EPSS 0.0529
Exploits: 20, References: 21
OSV
added 2023/03/27 1:53 p.m., 2 views

CLSA-2023-1679925211 Fix CVE(s): CVE-2023-1170

SECURITY UPDATE: Accessing invalid memory with put in Visual block mode - debian/patches/CVE-2023-1170: Adjust the cursor column if needed - CVE-2023-1170...

CVSS 7.3, AI score 6.8, EPSS 0.00054
Exploits: 1, References: 1
OSV
added 2022/07/07 8:29 a.m., 1 view

CLSA-2022-1657182572 Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow...

CVSS 7.8, AI score 6.9, EPSS 0.00575
Exploits: 5, References: 1
Ubuntu
added 2022/05/23 11:39 a.m., 84 views

USN-5433-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...

CVSS 9.8, AI score 7.7, EPSS 0.01144
Exploits: 9
Microsoft Secure
added 2020/12/09 5:00 p.m., 27 views

EDR in block mode stops IcedID cold

We are happy to announce the general availability of endpoint detection and response (EDR) in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...

Exploits: 0
Microsoft Malware Protection
added 2020/12/09 5:00 p.m., 47 views

EDR in block mode stops IcedID cold

We are happy to announce the general availability of endpoint detection and response (EDR) in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...

Exploits: 0
OpenVAS
added 2018/11/04 12:00 a.m., 51 views

Debian: Security Advisory (DLA-1560-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 6.2, EPSS 0.00766
Exploits: 0, References: 3
OSV
added 2016/06/19 8:59 p.m., 0 views

CVE-2016-1864

The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL...

CVSS 4.3, AI score 7.4, EPSS 0.0055
Exploits: 0, References: 6
OSV
added 2016/06/19 8:59 p.m., 0 views

UBUNTU-CVE-2016-1864

The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL...

CVSS 4.3, AI score 6.7, EPSS 0.0055
Exploits: 0, References: 6