4139 matches found

Positive Technologies
added 2024/03/21 12:0 a.m. | 6 views

PT-2024-26801

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, related to the btrfs file system. The issue occurs when quota groups are enabled, and the error paths of certain operations do not...

5.5 CVSS | 5.5 AI score | 0.00227 EPSS
Exploits 0
NVD
added 2024/03/20 9:15 p.m. | 30 views

CVE-2024-29033

OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. GoogleOAuthenticator.hosted_domain is used to restrict what Google accounts can be authorized access to a JupyterHub. The...

9.1 CVSS | 7.4 AI score | 0.00589 EPSS
Exploits 0 | References 3
RedHat Linux
added 2024/03/19 3:47 p.m. | 27 views

Important: Red Hat Security Advisory: ovn22.03 security update

An update for ovn22.03 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

6.5 CVSS | 6.7 AI score | 0.00783 EPSS
Exploits 0 | References 1
RedHat Linux
added 2024/03/19 3:46 p.m. | 19 views

Important: Red Hat Security Advisory: ovn22.12 security update

An update for ovn22.12 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

6.5 CVSS | 6.7 AI score | 0.00783 EPSS
Exploits 0 | References 1
RedHat Linux
added 2024/03/19 3:46 p.m. | 19 views

Important: Red Hat Security Advisory: ovn23.06 security update

An update for ovn23.06 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

6.5 CVSS | 6.7 AI score | 0.00783 EPSS
Exploits 0 | References 1
RedHat Linux
added 2024/03/19 3:42 p.m. | 21 views

Important: Red Hat Security Advisory: ovn23.03 security update

An update for ovn23.03 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

6.5 CVSS | 6.7 AI score | 0.00783 EPSS
Exploits 0 | References 1
ATTACKERKB
added 2024/03/15 9:15 p.m. | 6 views

CVE-2021-47116

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_mb_init_backend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large s_log_groups_per_flex...

5.5 CVSS | 6.4 AI score | 0.00234 EPSS
Exploits 0 | References 4 | Affected Software 1
OSV
added 2024/03/15 9:15 p.m. | 3 views

DEBIAN-CVE-2021-47116

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_mb_init_backend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large s_log_groups_per_flex...

5.5 CVSS | 5.7 AI score | 0.00234 EPSS
Exploits 0 | References 1
Positive Technologies
added 2024/03/15 12:0 a.m. | 4 views

PT-2024-21637 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest version Description: The issue affects Discourse, an open source platform for community discussion. Users allowed to invite others can inject arbitrarily large data in parameters used in the invite route...

6.5 CVSS | 6.7 AI score | 0.00569 EPSS
Exploits 0 | References 6
RedHat Linux
added 2024/03/13 12:17 a.m. | 4 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

5.5 CVSS | 6.8 AI score | 0.00275 EPSS
Exploits 0 | References 6
NVD
added 2024/03/12 11:15 a.m. | 10 views

CVE-2023-45793

A vulnerability has been identified in Siveillance Control All versions = V2.8 V3.1.1. The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...

5.5 CVSS | 5.4 AI score | 0.00142 EPSS
Exploits 0 | References 1
Prion
added 2024/03/12 11:15 a.m. | 11 views

Design/Logic Flaw

A vulnerability has been identified in Siveillance Control All versions = V2.8 V3.1.1. The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...

1.7 CVSS | 7.2 AI score | 0.00142 EPSS
Exploits 0 | References 1
Vulnrichment
added 2024/03/12 10:21 a.m. | 16 views

CVE-2023-45793

A vulnerability has been identified in Siveillance Control All versions = V2.8 V3.1.1. The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...

5.5 CVSS | 6.8 AI score | 0.00142 EPSS
Exploits 0 | References 1
Cvelist
added 2024/03/12 10:21 a.m. | 12 views

CVE-2023-45793

A vulnerability has been identified in Siveillance Control All versions = V2.8 V3.1.1. The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...

5.5 CVSS | 5.7 AI score | 0.00142 EPSS
Exploits 0 | References 1
CNNVD
added 2024/03/12 12:0 a.m. | 2 views

Siemens Siveillance Control security vulnerability

Siemens Siveillance Control is a security management platform from Siemens that integrates video surveillance, access control, intrusion detection and other functions to help organizations achieve comprehensive monitoring and management of buildings, facilities and people. An authorization bypass...

5.5 CVSS | 7 AI score | 0.00142 EPSS
Exploits 0 | References 3
Positive Technologies
added 2024/03/12 12:0 a.m. | 6 views

PT-2024-17455

Name of the Vulnerable Software and Affected Versions: The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress versions up to, and including, 6.5.4 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the...

4.3 CVSS | 6 AI score | 0.00241 EPSS
Exploits 0 | References 6
Positive Technologies
added 2024/03/12 12:0 a.m. | 6 views

PT-2024-2331 · Unknown · Siveillance Control

Name of the Vulnerable Software and Affected Versions: Siveillance Control versions 2.8 through 3.1.1 Description: A vulnerability has been identified in the affected product, related to insufficient checks on the list of access groups assigned to individual users. This could enable a locally...

5.5 CVSS | 6.9 AI score | 0.00142 EPSS
Exploits 0 | References 6
OSV
added 2024/03/08 11:7 a.m. | 4 views

OESA-2024-1251 cri-o security update

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. Security Fixes: Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to t...

7.1 CVSS | 6.7 AI score | 0.0036 EPSS
Exploits 1 | References 2
The Hacker News
added 2024/03/06 3:3 p.m. | 32 views

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is...

7.3 AI score
Exploits 0
OSV
added 2024/03/06 11:18 a.m. | 20 views

BIT-GITLAB-2021-39876

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...

4.3 CVSS | 4.3 AI score | 0.00801 EPSS
Exploits 1 | References 4