Windows 365 Cloud PC VDAs registration getting stuck at initializing state

Windows 365 Cloud PC VDAs getting stuck at initializing state, users cannot access the desktop On the VDA, Citrix Gateway service NGS logs located in "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Citrix\Ngs" directory will show the below errors. TimeStamp=2025-03-18T07:18:59.591082Z...

CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2024-58091 drm/fbdev-dma: Add shadow buffering for deferred I/O

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2024-58091 drm/fbdev-dma: Add shadow buffering for deferred I/O

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

uberAgent shows no data is being found for the Citrix Cloud environment

uberAgent logging shows no errors for connectivity to Citrix Cloud, but shows that no data about the environment is being found. 2025-03-12 10:00:50.000 -0400,DEBUG,ORG,HOSTNAME,2264,GetInformation,No Citrix site information found.2025-03-12 10:00:50.000...

Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

CVE-2025-27810 affects Mbed TLS prior to 2.28.10 and 3.x prior to 3.6.3. In some failed memory allocation or hardware error scenarios, the library may use uninitialized stack memory to compose the TLS Finished message, potentially enabling authentication bypasses such as replays. Impact is descri...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

NetScaler -13.1 56.18 - Non-recoverable : potential damage: system hardware in jeopardy or damaged

The Citrix NetScaler SDX 16000 appliance may exhibit the following symptoms: The appliance reports critical voltage errors in the ns.log and system message logs, indicating potential hardware damage. Specific Log Entries: The following log entries, or similar variations, are observed: Mar 9...

CVE-2025-26485

A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...

Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. CVE-2022-48792: scsi: pm800...

GO-2025-3516 Cosmos SDK can halt when erroring in EndBlocker in github.com/cosmos/cosmos-sdk/

Cosmos SDK can halt when erroring in EndBlocker in github.com/cosmos/cosmos-sdk/...

PHP 8.1.x < 8.1.32 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...

ROS-20250318-01

A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service A vulnerability in the net component of t...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

uberAgent service startup fails with error 13

uberAgent service is not running. Attempt to start the service fails. Error message: Windows could not start the uberAgent service on Local Computer.Error 13: The data is invalid. uberAgent log file located in C:\Windows\Temp default location shows the errors: 2025-03-17 10:23:55.706...

CVE-2025-2321

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...