5 matches found
PT-2023-26173 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.6 of the stable branch Discourse versions prior to 3.1.0.beta7 of the beta and tests-passed branches Description: Discourse is an open source discussion platform. The issue allows more users than permitted to b...
CVE-2023-3389
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...
PT-2023-12730 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.14 on the stable branch Discourse versions prior to 2.9.0.beta16 on the beta and tests-passed branches Description: The issue affects the parsing of posts in Discourse, making it susceptible to regular expressi...
[SECURITY] [DSA 432-1] New crawl packages fix potential local games exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 432-1 [email protected] http://www.debian.org/security/ Martin Schulze February 3rd, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 298-1] New EPIC4 packages fix DoS and arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 298-1 [email protected] http://www.debian.org/security/ Martin Schulze May 2nd, 2003 http://www.debian.org/security/faq -...