can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

CVE-2024-50234

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts are enabled. We end u...

CVE-2024-50003 drm/amd/display: Fix system hang while resume with TBT monitor

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor Why Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during the resume procedure an...

CVE-2024-27004

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused Doug reported 1 the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 "echo 0...

Ghauri - An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws

An advanced cross-platform tool that automates the process of detecting andexploiting SQL injection security flaws Requirements Python 3 Python pip3 Installation cd to ghauri directory. install requirements: python3 -m pip install --upgrade -r requirements.txt run: python3 setup.py install or...

GSD-2022-1006164 PM: hibernate: defer device probing when resuming from hibernation

PM: hibernate: defer device probing when resuming from hibernation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1005893 PM: hibernate: defer device probing when resuming from hibernation

PM: hibernate: defer device probing when resuming from hibernation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...

CVE-2020-13350

CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...

Croc - Easily And Securely Send Things From One Computer To Another

croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool does all of the following: allows any two computers to transfer data using a relay provides end-to-end encryption using PAKE enables easy cross-platform...

August 11, 2020—KB4565351 (OS Builds 18362.1016 and 18363.1016) - EXPIRED

August 11, 2020—KB4565351 OS Builds 18362.1016 and 18363.1016 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest securi...

[SECURITY] Fedora 29 Update: aria2-1.34.0-4.fc29

aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...

[SECURITY] Fedora 28 Update: aria2-1.34.0-4.fc28

aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...

[SECURITY] Fedora 30 Update: aria2-1.34.0-4.fc30

aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...

June 14, 2016 — KB3163017 (OS Build 10240.16942)

June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...

GitLab: [Admin Panel] CSRF to resume/pause runner

Hi, Just found a CSRF in admin panel of gitlab instance to pause/resume runner. Steps to reproduce - http://gitlabinstance/admin/runners/:runnerid/resume - http://gitlabinstance/admin/runners/:runnerid/pause Video: ███████ password: ██████████ Impact Just found a CSRF in admin panel of gitlab...

WebKit: Use-after-free when resuming generator(CVE-2018-4218)

In WebKit, resuming a generator is implemented in JavaScript. An internal object property, @generatorState is used to prevent recursion within generators. In GeneratorPrototype.js, the state is checked by calling: var state = this.@generatorState; and set by calling: generator.@generatorState =...

[SECURITY] Fedora 26 Update: x2goserver-4.0.1.22-2.fc26

X2Go is a server based computing environment with - session resuming - low bandwidth support - session brokerage support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick This package contains the main daemon and tools for X2Go server-side...

[SECURITY] Fedora 27 Update: x2goserver-4.0.1.22-2.fc27

X2Go is a server based computing environment with - session resuming - low bandwidth support - session brokerage support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick This package contains the main daemon and tools for X2Go server-side...