28 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fixed a deadlock in r5lexitlog. The commit b13015af94cf “md/raid5-cache: Clear conf-log after finishing work” introduced a new problem: // The caller holds reconfigmutex r5lexitlog flushwork&log-disablewritebackwo...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013766)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013766 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpiputtable to fix memory leak The start and length of the event log area are...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Both Apple iOS and Apple iPadOS have security vulnerabilities, which stem from improper log cleanup. These...
DEBIAN-CVE-2023-53848
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5lexitlog Commit b13015af94cf "md/raid5-cache: Clear conf-log after finishing work" introduce a new problem: // caller hold reconfigmutex r5lexitlog flushwork&log-disablewritebackwork...
Pentest-and-Development-Tips
Pentest-and-Development-Tips A collection of pentest and development tips Author: 3gstudent Click on me to view the English version 声明 以下技巧不应用于非法用途 --- Tips 1. 手动端口探测 nmap的-sV可以探测出服务版本,但有些情况下必须手动探测去验证 使用Wireshark获取响应包未免大材小用,可通过nc简单判断 eg. 对于8001端口,nc连接上去,随便输入一个字符串,得到了以下结果: $ nc -vv localhost 8001...
Start the cron Daemon Properly
The cron daemon is used to execute batch processing jobs on the system. Even if the OS does not have user jobs that need to be run, some system jobs need to be run, including important jobs such as security monitoring. The cron daemon is used to execute these jobs. If the cron daemon is not start...
SUSE CVE-2022-48833
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833 btrfs: skip reserved bytes warning on unmount after log cleanup failure
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833
CVE-2022-48833 involves the btrfs code in the Linux kernel. After patches addressing: (1) btrfs: clear extent buffer uptodate when we fail to write it and (2) btrfs: check WRITE_ERR when reading an extent buffer, unmounts could leave space reservations in block groups/log tree extents uncleared i...
CVE-2022-48833 btrfs: skip reserved bytes warning on unmount after log cleanup failure
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833 btrfs: skip reserved bytes warning on unmount after log cleanup failure
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-48833
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
CVE-2022-3923 ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup
The ActiveCampaign for WooCommerce WordPress plugin before 1.9.8 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs...
ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup
The plugin does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs. Run the below command in the developer console of the web browser while being on the blog as a subscribe...
CVE-2022-29414
Multiple 13x Cross-Site Request Forgery CSRF vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin mass update settings, manage subscriptions add a new subscription, update subscription, delete Subscription...
WordPress plugin Subscribe To Comments Reloaded 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Subscribe To Comments Reloaded plugin 211130 and earlier versions are vulnerable to cross-site...