3385 matches found
CVE-2023-29195 Vitess VTAdmin users that can create shards can deny access to other functions
Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing / characters from VTAdmin such that from that point on, anyone who tries to create a new shard fr...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1873)
The remote host is missing an update for the Huawei EulerOS...
Client BSOD Code APC_INDEX_MISMATCH when Launch ICA Session
Client BSOD code APC_INDEX_MISMATCH when launching an ICA session...
PT-2025-25877 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue has been identified in the Linux kernel's firmware loader. The problem occurs during the unregister process, where the device unregister call could result in the...
PT-2025-26116 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the simplification of devm_spi_register_controller. The issue arises when devm_add_action fails in devm_add_action_or...
PT-2025-26026 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue occurs when a task is descheduling and is requeued on a CPU that is excluded from the cpus_mask. This can trigger a...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-1806)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack...
CVE-2021-40331 Permissions problem in the Apache Ranger Hive Plugin
An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled. This issue affects Apache Ranger Hive Plugin: from...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerability (USN-6056-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6056-1 advisory. It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a...
CVE-2023-21119
CVE-2023-21119 is listed in the Pixel May 2023 security bulletin as a DoS vulnerability in the Hardware Composer service. Affected product family: Google Pixel devices; subtype: hardware/compositor component. Severity is noted as Moderate. The remediation guidance is to apply patch level 2023-0...
NetScaler Virtual Server Becomes Inaccessible Because of IP Conflict Issue
NetScaler virtual server becomes inaccessible because of IP conflict issue...
ADC upgrade failed with error code 1
Getting error code 1 while upgrading ADC. Upgrade through the CLI if the GUI fails. A Citrix ADC upgrade from 13.0 to 13.1 failed with the error below: "there was a problem with your upload. Failed with error code:1, please try again"...
Stored XSS and CSP Bypass in KiwiTCMS
Description: Stored XSS, also known as persistent XSS, is the more damaging form of XSS. It occurs when a malicious script is injected directly into a vulnerable web application. Due to a sanitization problem, it is possible to perform a Stored XSS. The problem is that the upload function permit...
PT-2023-35798 · Git +1 · Wabt
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash has been reported with an unknown write issue. The crash involves the std::__1::allocator_traits and std::__1::vector functions, specifically with...
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2023:2035-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2035-1 advisory. This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race...
SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2023:2043-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2043-1 advisory. This update for the Linux Kernel 5.14.21-1504002418 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race...
SUSE SLES15: kernel-livepatch-5_3_18-150200_24_139-default / etc (SUSE-SU-2023:1995-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1995-1 advisory. This update for the Linux Kernel 5.3.18-15020024139 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race...
SUSE SLES12 Security Update : kernel (Live Patch 28 for SLE 12 SP4) (SUSE-SU-2023:1971-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1971-1 advisory. This update for the Linux Kernel 4.12.14-95102 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race...
Fail to delete vdisk from console "vDisk Properties Were lost"
The vdisk, pvp and lok files have been removed from the store. Deleting the vdisk from the PVS console then fails with the error "vDisk Properties Were lost"...
Apache DolphinScheduler Authorization Issues Vulnerability
Apache DolphinScheduler is a distributed DAG visualization-based workflow task scheduling system from the Apache Foundation in the United States. Apache DolphinScheduler suffers from an authorization problem vulnerability that stems from the presence of incorrect authentication, which can ...