
4140 matches found

OSV
added 2025/02/26 7:0 a.m. · 3 views

DEBIAN-CVE-2022-49174

In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4_mb_mark_bb with flex_bg with fast_commit In case of flex_bg feature which is by default enabled, extents for any given inode might span across blocks from two different block group. ext4_mb_mark_bb only reads the buffer_head...

5.5 CVSS · 5.5 AI score · 0.00246 EPSS
Exploits 0 · References 1
Debian CVE
added 2025/02/26 2:24 a.m. · 6 views

CVE-2022-49667

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free after 802.3ad slave unbind commit 0622cab0341c "bonding: fix 802.3ad aggregator reselection", resolve case, when there is several aggregation groups in the same bond. bond_3ad_unbind_slave will...

7.8 CVSS · 5.7 AI score · 0.00276 EPSS
Exploits 0
OSV
added 2025/02/26 1:55 a.m. · 11 views

CVE-2022-49197 af_netlink: Fix shift out of bounds in group mask calculation

In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nl_groups, which carries the multicast...

5.5 CVSS · 6 AI score · 0.00253 EPSS
Exploits 0 · References 12
CNNVD
added 2025/02/26 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bfq not updating the cgroup information before merging the bio...

7.8 CVSS · 5.5 AI score · 0.00274 EPSS
Exploits 0 · References 7
OSV
added 2025/02/25 4:15 p.m. · 1 views

DEBIAN-CVE-2025-26597

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

7.8 CVSS · 7.8 AI score · 0.00474 EPSS
Exploits 0 · References 1
OSV
added 2025/02/25 4:15 p.m. · 6 views

AZL-57283 CVE-2025-26597 affecting package xorg-x11-server 1.20.10-6

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

7.8 CVSS · 7.4 AI score · 0.00474 EPSS
Exploits 0 · References 1
OSV
added 2025/02/25 3:0 p.m. · 1 views

UBUNTU-CVE-2025-26597

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

7.8 CVSS · 7.3 AI score · 0.00474 EPSS
Exploits 0 · References 6
Github Security Blog
added 2025/02/24 9:31 p.m. · 16 views

Moodle's feedback response viewing and deletions did not respect Separate Groups mode

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 7.1 AI score · 0.00301 EPSS
Exploits 0 · References 4 · Affected Software 1
Snyk
added 2025/02/24 9:31 p.m. · 2 views

Incorrect Authorization

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Incorrect Authorization due to improper enforcement of access controls in the feedback response handling process. An attacker can view or delete feedback responses by exploiting the lack of proper...

6.9 CVSS · 6.8 AI score · 0.00301 EPSS
Exploits 0 · References 2
OSV
added 2025/02/24 9:31 p.m. · 5 views

GHSA-PXG4-XJP7-W9C5 Moodle's feedback response viewing and deletions did not respect Separate Groups mode

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 6.5 AI score · 0.00301 EPSS
Exploits 0 · References 4
OSV
added 2025/02/24 8:15 p.m. · 4 views

CVE-2025-26526

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 6.7 AI score
Exploits 0 · References 2
OSV
added 2025/02/24 8:15 p.m. · 2 views

UBUNTU-CVE-2025-26526

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 6.6 AI score · 0.00301 EPSS
Exploits 0 · References 4
Vulnrichment
added 2025/02/24 7:39 p.m. · 18 views

CVE-2025-26526 Feedback response viewing and deletions did not respect Separate Groups mode

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 7.2 AI score · 0.00301 EPSS
Exploits 0 · References 2
Cvelist
added 2025/02/24 7:39 p.m. · 8 views

CVE-2025-26526 Feedback response viewing and deletions did not respect Separate Groups mode

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities...

6.5 CVSS · 0.00301 EPSS
Exploits 0 · References 2
CVE
added 2025/02/24 7:39 p.m. · 85 views

CVE-2025-26526

CVE-2025-26526 affects Moodle: Separate Groups mode restrictions were not factored into permission checks when viewing or deleting Feedback activity responses. Root cause: permission checks for viewing/deleting Feedback responses fail to account for grouping, enabling improper access or deletion ...

6.5 CVSS · 7 AI score · 0.00301 EPSS
Exploits 0 · References 2 · Affected Software 1
Wired Threat Level
added 2025/02/24 6:26 p.m. · 5 views

Inside the Telegram Groups Doxing Women for Their Facebook Posts

A WIRED investigation goes inside the Telegram groups targeting women who joined “Are We Dating the Same Guy?” groups on Facebook with doxing, harassment, and sharing of nonconsensual intimate images...

7.3 AI score
Exploits 0
OSV
added 2025/02/21 1:35 p.m. · 12 views

OESA-2025-1144 protobuf security update

Protocol Buffers a.k.a., protobuf are Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data. You can find protobuf's documentation on the Google Developers site. Security Fixes: Any project that parses untrusted Protocol Buffers data containing an...

8.7 CVSS · 7.1 AI score · 0.02772 EPSS
Exploits 0 · References 2
Github Security Blog
added 2025/02/20 8:18 p.m. · 10 views

Cosmos SDK: Groups module can halt chain when handling a malicious proposal

Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...

6.8 AI score
Exploits 0 · References 5 · Affected Software 1
OSV
added 2025/02/20 8:18 p.m. · 4 views

GHSA-X5VX-95H7-RV4P Cosmos SDK: Groups module can halt chain when handling a malicious proposal

Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...

8.7 CVSS · 6.8 AI score
Exploits 0 · References 5
Positive Technologies
added 2025/02/20 12:0 a.m. · 3 views

PT-2025-7650 · Cosmossdk · Cosmossdk

Name of the Vulnerable Software and Affected Versions: CosmosSDK versions = 0.47.15 CosmosSDK versions = 0.50.11 Description: An issue was discovered in the groups module where a malicious proposal would result in a division by zero, and subsequently halt a chain due to the resulting error. Any...

8.7 CVSS · 7.2 AI score
Exploits 0 · References 6