GHSA-5R85-6H7F-RG3R Moodle's non-searchable tags can still be discovered on the tag search page and in the tags block

Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block...

GSD-2023-1000730 mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()

mmc: rtsxusbsdmmc: fix return value check of mmcaddhost This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000569 nvme-auth: don't override ctrl keys before validation

nvme-auth: don't override ctrl keys before validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2022-1001796 bfq: fix use-after-free in bfq_dispatch_request

bfq: fix use-after-free in bfqdispatchrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...

GSD-2022-1001019 net: ipv4: fix route with nexthop object delete warning

net: ipv4: fix route with nexthop object delete warning This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...

GSD-2022-1000447 mm: don't try to NUMA-migrate COW pages that have other uses

mm: don't try to NUMA-migrate COW pages that have other uses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.25 by commit...

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...

GSD-2021-1002678 sit: do not call ipip6_dev_free() from sit_init_net()

sit: do not call ipip6devfree from sitinitnet This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

Unix Software Discovery Commands Available

Nessus was able to determine that it is possible for plugins to find and identify versions of software on the target host. Software that is not managed by the operating system is typically found and characterized using these commands. This was measured by running commands used by unmanaged softwa...

Unix Software Discovery Commands Not Available

Nessus found problems running commands on the target host which are used to find software that is not managed by the operating system. Details of the issues encountered are reported by this plugin. Failure to properly execute commands used to find and characterize unmanaged software on the target...

UVI-2021-1001287 dm btree remove: assign new_root only when removal succeeds

dm btree remove: assign newroot only when removal succeeds This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.51 by commit...