ALSA-2026:18421 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

oxia 竞争条件问题漏洞

Oxia is a distributed metadata storage and coordination system developed by Oxia. Versions of Oxia prior to 0.16.2 had a race condition vulnerability. This vulnerability stemmed from a race between session heartbeat processing and session termination, which could lead to server crashes due to...

curl: Negotiate Authentication Premature on Connection Reuse

Summary: Curl 8.19.0+ inappropriately sends Negotiate authentication headers on reused keep-alive connections where authentication was already completed. Commit ab650379a8 June 2025 moved negotiate auth context to on-demand metadata storage, but during connection reuse the metadata gets cleared...

[SECURITY] Fedora 41 Update: luksmeta-10-1.fc41

LUKSMeta is a command line utility for storing small portions of metadata in the LUKSv1 header for use before unlocking the volume...

[SECURITY] Fedora 43 Update: luksmeta-10-1.fc43

LUKSMeta is a command line utility for storing small portions of metadata in the LUKSv1 header for use before unlocking the volume...

Telegram-Story-Scraper - A Python Script That Allows You To Automatically Scrape And Download Stories From Your Telegram Friends

A Python script that allows you to automatically scrape and download stories from your Telegram friends using the Telethon library. The script continuously monitors and saves both photos and videos from stories, along with their metadata. Important Note About Story Access ⚠️ Due to Telegram API...

WordPress Plugin Breakdance 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-4605

CVE-2024-4605 (Breakdance for WordPress) is a remote code execution vulnerability reported for all versions up to 1.7.1. The issue arises from Breakdance storing custom data in post metadata without an underscore prefix, enabling lower-privileged users (e.g., contributors) to edit data via the UI...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

PT-2023-26331 · Datalust +1 · Datalust Seq +1

Name of the Vulnerable Software and Affected Versions: Datalust Seq versions prior to 2023.2.9489 Description: The issue allows insertion of sensitive information into an externally accessible file or directory. This can be exploited when external metadata storage, such as SQL Server or PostgreSQ...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq versions prior to 2023.2.9489 are affected. The issue allows insertion of sensitive information into externally accessible files or directories when external metadata storage (SQL Server or PostgreSQL) is used, and exploitation requires a high-privilege user. Remediation: upgrade to ...

Remote Code Execution (RCE)

swiftonfile is vulnerable to remote code execution. A flaw was found in the way swiftonfile gluster-swift serialized and stored metadata on disk by using Python's pickle module. A remote, authenticated user could use this flaw to execute arbitrary code on the storage node...

CVE-2017-1000391

Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...

swiftonfile: use of insecure Python pickle for metadata serialization and storage

A flaw was found in the way swiftonfile gluster-swift serialized and stored metadata on disk by using Python's pickle module. A remote, authenticated user could use this flaw to execute arbitrary code on the storage node...