The vulnerability of the PowerScale OneFS operating system, related to access control errors, allows attackers to escalate their privileges.

The vulnerability of the PowerScale OneFS operating system is related to access control errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to cause service interruptions.

Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, is vulnerable to authentication errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

OWA not accessible on Secure Web iOS when Extended Protection is Enabled

After enabling Extended Protection on Exchange Server 2019 CU14, accessing OWA via Secure Web iOS is no longer possible. Users accessing Outlook Web Access OWA through Secure Web on iOS are continuously getting http 401 login prompt. The issue is not seen when using other browsers like Chrome or...

The vulnerability of the Screenshots component in iPadOS and iOS operating systems allows attackers to disclose protected information.

The vulnerability of the Screenshots component in iPadOS and iOS operating systems is related to security configuration errors. Exploiting this vulnerability can allow attackers to disclose sensitive information that should be protected...

The vulnerability of the Windows Enroll Engine component in Windows operating systems allows a hacker to bypass security restrictions.

The vulnerability of the Windows Enroll Engine component in Windows operating systems is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a perpetrator to circumvent security restrictions...

The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools is related to pointer assignment errors, which allow attackers to trigger a service failure.

The vulnerability of the JT Open Toolkit JTTK and PLM XML SDK development tools is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by loading a specially created malicious XML file...

AZL-68246 CVE-2022-48833 affecting package kernel for versions less than 5.15.186.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...

DEBIAN-CVE-2022-48833

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...

CVE-2024-6570 Glossary <= 2.2.26 - Unauthenticated Full Path Disclosure

The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with displayerrors being enabled. This makes it possible for unauthenticated...

PT-2024-37726 · WordPress · Glossary Plugin

Name of the Vulnerable Software and Affected Versions: Glossary plugin for WordPress versions up to, and including, 2.2.26 Description: The issue is due to the plugin utilizing wpdesk and not preventing direct access to the test files, along with display errors being enabled. This allows...

PT-2024-37714 · WordPress · Schedulepress

Name of the Vulnerable Software and Affected Versions: SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher plugin for WordPress versions up to, and including, 5.1.3 Description: The issue is due to the plugin utilizing th...

ROS-20210716-02

A vulnerability in the DICOM DCMTK library is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service Vulnerability of the library for working with DICOM DCMTK format is related to allocation of heap memory for parsing the data, b...

Citrix Virtual Apps and Desktop - Machine Creation (MCS, PVS, App Layering)

Introduction This article is a summary of the top support articles related to Machine Creation including MCS, PVS and App Layering Top Support Knowledge Content Host Connections and Resource Errors CTX224551 - Delivery Controller cannot contact vCenter server after certificate update on vCenter...

XenServer VM Tools

Introduction Instances where XenServer encounters various errors while installing XenServer VM tools Overview of the Issue In different situations, XenServer has some issues when installing VM tools, possibly due to various factors. This article will outline different scenarios and potential...

Citrix Endpoint Management: Active Directory Issues

Introduction Active Directory AD integration issues in XenMobile can range from synchronization errors to authentication failures and configuration complications. This series of articles offers troubleshooting guidance and best practices to address these challenges, ensuring smooth operation and...

Error: The Pool Failed to Enable External Authentication in XenServer

When attempting to enable external pool authentication in a XenServer 5.6 Feature Pack 1 pool, the operation fails with one or more of the following errors: “Error: The pool failed to enable external authentication.” “Error: Enabling Active Directory Authentication on pool '' - Could not enable...

CIFS ISO Mount Disconnecting Intermittently

Mounting out ISO from a CIFS ISO Storage Repository SR disconnects intermittently, and causes boot ISOs to disappear and bounced servers unable to boot. The /var/log/messages log is displayed as following: CIFS VFS: No response for cmd 50 mid 3457CIFS VFS: No response for cmd 50 mid 63007CIFS VFS...

License Acquisition Error 500 Occurs and Workspace Control Fails

Users are unable to connect to XenApp farm and receive the following error message: “license acquisition error 500: Unable to acquire a license from server name server. Please contact your system administrator or open the event viewer for more details." If users connect through Web Interface and...

Session Timeout are Not Applied on StoreFront Servers

Session timeout are not applied on the StoreFront servers. When a user tries to log on or launch an application the following error is displayed: Logon has expired. Restarting the Wallet services and upgrading to StoreFront 2.6 did not resolve the issue...

How to use PING to check for proper MTU level for fragmentation for storage networks

There are many times in XenServer environments where the customer will have implemented MTU of 9000 to be able to enjoy the benefits of Jumbo Frames. While this is 100% supported, it is not 100% recommended. For the best customer experience we need to be able to suggest, test, and implement the...