SUSE-SU-2023:2126-1 Security update for cfengine, cfengine-masterfiles

This update for cfengine, cfengine-masterfiles fixes the following issues: Changes in cfengine: - cfengine3.target: removed, replaced by upstream cfengine3.service - In version 3.15.0, cfengine core split off libutils and libcompat directories as libntech. We include both together as we do not us...

The vulnerability of the verity_ctr() function in the drivers/md/dm-verity-target.c module of the device-mapper subsystem in the Linux operating system allows a attacker to execute arbitrary code and connect vulnerable hardware devices.

The vulnerability of the verityctr function in the drivers/md/dm-verity-target.c file of the device-mapper subsystem in the Linux operating system is related to the lack of verification for the types of tables that are loaded. Exploiting this vulnerability allows an attacker with administrative...

biz.lobachev.annette:application_2.13 (>=0.1.2 <=0.3.0), biz.lobachev.annette:attributes_2.13 (>=0.1.2 <=0.2.5) +71 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.13 (>=1.0.4 <=4.0.1)

com.typesafe.akka:akka-stream-kafka2.13 MAVEN version =1.0.4, =0.1.2, =0.1.2, =0.1.2, =0.3.0, =0.1.2, =0.1.2, =0.3.0, =0.3.0, =1.0.1, =22.10.0, =0.1.6, =0.1, =0.0.0-NIGHTLY01122020, =back-to-core-SNAPSHOT-4 and more Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

GHSA-G36H-4JR6-QMM9 Improper input validation in Drupal core

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

Improper input validation in Drupal core

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

UBUNTU-CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

Input validation

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

UBUNTU-CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

PT-2023-12781 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal core versions prior to the fixed version Description: The form API in Drupal core has a vulnerability that affects certain contributed or custom modules' forms, making them susceptible to improper input validation. This could allow an...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...