CVE-2026-9047

CVE-2026-9047 concerns Devolutions Server for versions 2026.1.6.0 through 2026.1.16.0. The issue is described as improper handling of factor key state in the multi‑factor authentication management feature, enabling an attacker who knows a user’s password to bypass MFA after the user reconfigures ...

UBUNTU-CVE-2024-52867

guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...

CVE-2021-47558

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

CVE-2021-47558 net: stmmac: Disable Tx queues when reconfiguring the interface

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

CVE-2021-47558 net: stmmac: Disable Tx queues when reconfiguring the interface

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

CVE-2021-47558

The CVE-2021-47558 issue affects Linux kernel’s net:stmmac driver. The bug occurred because Tx queues were not disabled when stopping an interface to apply new configuration, potentially causing a kernel panic during: (1) reconfiguring queue numbers (ethtool -L), (2) resizing ring buffers (ethtoo...

CVE-2023-4956

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVE-2023-4956 Quay: clickjacking on config-editor page severity

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin

Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to configure the plugin. Implied Labels Plugin 0.7 requires Overall/Administer permission to configure the plugin...

SilverStream database structure

It is possible to download the remote SilverStream database structure by requesting : http://www.example.com/SilverStream/Meta/Tables/?access-mode=text SPDX-FileCopyrightText: 2002 Tor Houghton Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...