CVE-2025-68178
CVE-2025-68178 involves a Linux kernel deadlock in blk-cgroup configuration. The issue stems from locking order: blk_queue_enter() is taken with rq_qos_mutex held in blkg_conf_prep(), while queue freezing occurs with rq_qos_mutex held elsewhere. The dependency chain: sysfs_lock -> rq_qos_mutex...
[SECURITY] Fedora 42 Update: qt5-qtserialport-5.15.18-1.fc42
Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...
Appliance Installation Stuck on "Configuring addons"
Challenge: During the deployment of a Veeam Backup & Replication v13 appliance (Veeam Software Appliance, Veeam Infrastructure Appliance, or Veeam Hardened Repository), the installer stalls on the "Configuring addons" step. When this occurs, switching to tty1 (Ctrl+Alt+F1), then using Alt+Tab to switc...
EUVD-2022-2760
Malicious code in bioql PyPI...
CVE-2023-21428
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...
CVE-2024-33044
CVE-2024-33044 involves memory corruption in Qualcomm closed‑source components triggered by improper configuration of the SMR/S2CR registers when operating in bypass mode. The vulnerability targets the handling of SMR/S2CR, and root cause is memory corruption due to bypass configuration. Impact i...
[SECURITY] Fedora 40 Update: iwd-2.21-1.fc40
The daemon and utilities for controlling and configuring the Wi-Fi network hardware...
[SECURITY] Fedora 40 Update: qt5-qtserialport-5.15.14-1.fc40
Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...
Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values
There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The reason these issues were not detected before is that the escapes were working as designed. However, their design didn't take into account just how recklessly permissive browsers are...
Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags
Summary: There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. Our filter to detect and prevent the use of the `javascript:` URL scheme in the `href` attribute of an `<a>` tag could be bypassed with tab (`\t`) or newline (`\n`) characters between the...
BIT-MOODLE-2022-30599
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria...
Apache NiFi Code Injection Vulnerability
Apache NiFi is an open source tool for building reliable and secure data pipelines. It supports collecting, aggregating and transferring data from a variety of sources and provides powerful data processing and transformation capabilities. A remote code execution vulnerability exists in Apache NiF...
How to Hide Tables in SQL Server Management Studio
By Owais Sultan. SQL Server Management Studio (SSMS) is a software application developed by Microsoft that is used for configuring, managing,… This is a post from HackRead.com.
Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2021-38153)
Summary: Apache Kafka is vulnerable to timing attacks that could allow a remote attacker to obtain sensitive information. Vulnerability Details: CVEID: CVE-2021-38153. DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use o...
Optimizing a Web Application Security Scan for bWAPP
Today almost all organizations have an online presence, with more information accessible at the click of a mouse, making customer experiences much more frictionless. Yet the delivery of great experiences also opens the door to potential hackers intent on compromising the website and its APIs...
[SECURITY] Fedora 34 Update: ignition-2.14.0-1.fc34
Ignition is a utility used to manipulate systems during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth remote URL, network...
[SECURITY] Fedora 36 Update: ignition-2.14.0-1.fc36
Ignition is a utility used to manipulate systems during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth remote URL, network...
UBUNTU-CVE-2022-30599
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria...
CVE-2022-0983
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...