42 matches found

OSV
added 2026/05/18 5:7 p.m. | 3 views

CLSA-2026-1779124021 firewalld: Fix of CVE-2026-4948

CVE-2026-4948: use PK_ACTION_CONFIG instead of PK_ACTION_CONFIG_INFO for setZoneSettings2 and setPolicySettings to require config-write authorization...

5.5 CVSS | 5.8 AI score | 0.00031 EPSS
Exploits 0 | References 1

OSV
added 2026/05/15 11:32 p.m. | 3 views

CLSA-2026-1778887961 firewalld: Fix of CVE-2026-4948

CVE-2026-4948: use PK_ACTION_CONFIG for setZoneSettings2/setPolicySettings to require write authorization...

5.5 CVSS | 5.8 AI score | 0.00031 EPSS
Exploits 0 | References 1

SUSE CVE
added 2026/03/28 6:26 p.m. | 2 views

SUSE CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5 CVSS | 5.8 AI score | 0.00031 EPSS
Exploits 0 | References 5

UbuntuCve
added 2026/03/27 6:16 a.m. | 1 view

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5 CVSS | 5.8 AI score | 0.00031 EPSS
Exploits 0 | References 3

CVE
added 2026/03/27 5:30 a.m. | 66 views

CVE-2026-4948

The CVE-2026-4948 entry concerns firewalld where a local unprivileged user can exploit mis-authorization of two runtime D-Bus setters (setZoneSettings2 and setPolicySettings). This allows modifying the runtime firewall state without authentication, leading to unauthorized changes in network secur...

5.5 CVSS | 5.7 AI score | 0.00031 EPSS
Exploits 0 | References 3 | Affected Software 2

ATTACKERKB
added 2026/03/27 5:30 a.m. | 0 views

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5 CVSS | 5.7 AI score | 0.00031 EPSS
Exploits 0 | References 3

RedhatCVE
added 2026/03/27 5:30 a.m. | 3 views

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5 CVSS | 5.8 AI score | 0.00031 EPSS
Exploits 0 | References 3

Positive Technologies
added 2026/03/27 12:0 a.m. | 1 view

PT-2026-28678

Name of the Vulnerable Software and Affected Versions: firewalld (affected versions not specified). Description: A flaw exists in firewalld that allows a local unprivileged user to modify the runtime firewall state without proper authentication. This is possible due to mis-authorization of two runtime...

5.5 CVSS | 5.9 AI score | 0.00031 EPSS
Exploits 0 | References 22

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-15890

Malware in sbrugna...

6.5 CVSS | 6.5 AI score | 0.00231 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-28403

Malware in sbrugna...

6.7 CVSS | 6.6 AI score | 0.00046 EPSS
Exploits 0 | References 2

Fedora
added 2025/06/21 1:28 a.m. | 4 views

[SECURITY] Fedora 42 Update: pam-1.7.0-6.fc42

PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

7.8 CVSS | 7.5 AI score | 0.00072 EPSS
Exploits 0

RedhatCVE
added 2025/05/22 6:29 p.m. | 3 views

CVE-2021-29251

BTCPay Server before 1.0.7.1 mishandles the policy setting in which users can register in Server Settings Policies. This affects Docker use cases in which a mail server is configured...

6.5 CVSS | 6.8 AI score | 0.00231 EPSS
Exploits 0 | References 1

Citrix
added 2025/04/02 12:0 a.m. | 5 views

Session Recording 2402 - Sessions not getting recorded even though Session Recording is enabled

When the user logs on, users were not seeing the Session Recording notification and also the sessions did not get recorded. We can see some 0KB files on the server side. Session Recording policy was set to record sessions for all users with notification. Session Recording Agent was configured to...

7.1 AI score
Exploits 0

Citrix
added 2025/02/21 12:0 a.m. | 7 views

Streamlining Microsoft Teams Roaming with Citrix Profile Management: A Guide for Administrators

This guide provides Citrix administrators with a concise and practical approach to configuring Microsoft Teams roaming with Citrix Profile Management (UPM). It consolidates key information and best practices to ensure a smooth and efficient implementation. Prerequisites 1. Teams Roaming Enablement:...

6.6 AI score
Exploits 0

Microsoft KB
added 2024/02/20 8:0 a.m. | 159 views

November 14, 2023—KB5032189 (OS Builds 19044.3693 and 19045.3693) - EXPIRED

November 14, 2023—KB5032189 (OS Builds 19044.3693 and 19045.3693) - EXPIRED. EXPIRATION NOTICE. IMPORTANT: As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --...

9.8 CVSS | 6.9 AI score | 0.91473 EPSS
Exploits 13

NVD
added 2024/01/02 8:15 p.m. | 16 views

CVE-2023-51652

OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Prior to version 1.2.0, there is a potential for a mutation cross-site scripting (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerabilit...

6.1 CVSS | 6.2 AI score | 0.00918 EPSS
Exploits 0 | References 3

Github Security Blog
added 2024/01/02 4:38 p.m. | 13 views

OWASP.AntiSamy mXSS when preserving comments

Impact: There is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the preserveComments directive must be enabled in your policy file and also allow for certain tags at the same time. As a result,...

6.1 CVSS | 6 AI score | 0.00918 EPSS
Exploits 0 | References 5 | Affected Software 1

Microsoft KB
added 2023/12/12 8:0 a.m. | 118 views

December 12, 2023—KB5033372 (OS Builds 19044.3803 and 19045.3803) - EXPIRED

December 12, 2023—KB5033372 (OS Builds 19044.3803 and 19045.3803) - EXPIRED. EXPIRATION NOTICE. IMPORTANT: As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --...

8.8 CVSS | 7 AI score | 0.38566 EPSS
Exploits 1

Citrix
added 2023/11/21 12:0 a.m. | 6 views

In XenServer, fixed data drives show as removable data drives to BitLocker

BitLocker incorrectly reports that XenVbd disks are 'Removable data drives' and suggests that you use BitLocker To Go with them. However, the physical hardware and emulated NVMe drives show as 'Fixed data drives' and suggest that you use BitLocker. Some Group Policy settings might get confused by...

6.9 AI score
Exploits 0

Citrix
added 2023/11/16 12:0 a.m. | 6 views

'Use server time zone' setting not getting applied through Studio policy

PVS Target Device - Use server time zone policy is not getting applied on server 2019 VDA. Citrix Policy "Use local time of client" is Configured. Value set to use time zone of user session server time zone. Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services...

7 AI score
Exploits 0