Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Properly handle cases where an enclosure contains only one primary component. This fix reverts to commit 3fe97ff3d949 “scsi: ses: Do not attach if the enclosure has no components”. It also introduces proper handling fo...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992531)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992531 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit...

EUVD-2017-8260

Malware in sbrugna...

CVE-2023-53431

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Don't attach if enclosure has no components An enclosure with no components can't usefully be operated by the driver since effectively it has nothing to manage, so report the problem and don't attach. Not attaching als...

Linux Distros Unpatched Vulnerability : CVE-2017-17094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks...

MetaGuardian: Enhancing Voice Assistant Security through Advanced Acoustic Metamaterials

We present MetaGuardian, a voice assistant VA protection system based on acoustic metamaterials. MetaGuardian can be directly integrated into the enclosures of various smart devices, effectively defending against inaudible, adversarial and laser attacks without relying on additional software...

nodejs-glob-parent: Regular expression denial of service

A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent...

Cisco 7000 Series IP Camera Memory Leak Vulnerability

The Cisco 7000 Series IP cameras are 5 megapixel, high definition, outdoor fixed dome cameras in vandal resistant enclosures with pan/tilt/zoom functionality.The Cisco 7000 Series IP camera implementation of Link Layer Discovery Protocol LLDP in firmware versions prior to 2.12.4 is vulnerable to ...

WordPress 4.0.x < 4.0.21 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - wp-admin/user-new.php sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access...

WordPress 4.9.x < 4.9.1 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - wp-admin/user-new.php sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access...

Security Bulletin: A vulnerability in Open Source Apache Tomcat affect the IBM FlashSystem V840, (CVE-2014-0230)

Summary There is a vulnerability in Open Source Apache Tomcat that is used by the IBM FlashSystem V840 which allows remote attackers to cause a denial of service under certain scenarios. Vulnerability Details CVE-ID: CVE-2014-0230 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service,...

CVE-2017-17094

wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL...

CVE-2017-17094

wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL...

DEBIAN-CVE-2017-17094

wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL...

wordpress -- multiple issues

wordpress developers reports: Use a properly generated hash for the newbloguser key instead of a determinate substring. Add escaping to the language attributes used on html elements. Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds. Remove the ability to upload...