CVE-2023-45935

Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms. NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server...

CVE-2024-26646 thermal: intel: hfi: Add syscore callbacks for system-wide PM

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

[SECURITY] Fedora 39 Update: exercism-3.3.0-1.fc39

Exercism provides a way to do the problems on https://exercism.io. This CLI ships as a binary with no additional run-time requirements. This mea ns that if you're doing the Haskell problems on exercism you don't need a working Python or Ruby environment simply to fetch and submit exercises...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3683-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for virtualbox (openSUSE-SU-2023:0166-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend The iommususpend syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which can cause...

CVE-2023-52559

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend The iommususpend syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which can cause...

CVE-2023-52559

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend The iommususpend syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which can cause...

Update 21.16 for Microsoft Dynamics 365 Business Central (on-premises) 2022 Release Wave 2 (Application Build 21.16.63199, Platform Build 21.0.63175)

Update 21.16 for Microsoft Dynamics 365 Business Central on-premises 2022 Release Wave 2 Application Build 21.16.63199, Platform Build 21.0.63175 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes a vulnerability. For mor...

Update 22.10 for Microsoft Dynamics 365 Business Central 2023 Release Wave 1 (Application Build 22.10.63195, Platform Build 22.0.63124)

Update 22.10 for Microsoft Dynamics 365 Business Central 2023 Release Wave 1 Application Build 22.10.63195, Platform Build 22.0.63124 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes a vulnerability. For more informatio...

Friday Squid Blogging: A Penguin Named “Squid”

Amusing story about a penguin named "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Some keyboard shortcuts may not work when external Windows keyboard is used along with CWA for iOS

When using external Windows keyboard attached to iOS device, you may not be able to use some keyboard shortcut combinations in Citrix session. Examples: Use of 'Windows key' may not give desired result. Cannot highlight multiple items files in explorer or cells in a spreadsheet by keeping 'Ctrl'...

RHEL 8 : libssh (RHSA-2024:0538)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0538 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

Studio will not open with error "A working 'Storefront' service could not be found"

Storefront is installed on the DDC. After successfully upgrading both Storefront servers to CVAD 2203 CU3, Studio fails to open with the following error. After clicking on "View Details" another error appears: "A working 'Storefront' service could not be found" Error Id: XDDS:E354580F Exception:...

Issues identified on devices running Android 14 that impact restrictions set by SecureHub.

On Android 14, some admin-set UserManager restrictions may be permanently applied on reboot, preventing SecureHub from effectively un-setting those restrictions. Affected settings are in Appendix A 2. On the upgrade from Android 13 to Android 14, some admin-set UserManager restrictions may be...

CentOS 7 : firefox (RHSA-2023:7509)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7509 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak memory data into the images...

Android 14 - Google Zero Touch (ZrT) Enrollment Issues

Unable to enroll Galaxy devices running Android 14 through zero-touch enrollment. Currently, the following models are affected: Galaxy S22, S23 Galaxy A33, A34, A52s, A53, A54...

RHEL 7 : thunderbird (RHSA-2023:7505)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7505 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla:...

RHEL 8 : thunderbird (RHSA-2023:7503)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7503 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla:...

CVE-2023-6209

The Mozilla Foundation Security Advisory describes this flaw as: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites...