WordPress Captivate Sync plugin <= 2.0.22 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Captivate Sync versions = 2.0.22...

OPENSUSE-SU-2024:0382-1 Security update for cobbler

This update for cobbler fixes the following issues: Update to 3.3.7: Security: Fix issue that allowed anyone to connect to the API as admin CVE-2024-47533, boo1231332 bind - Fix bug that prevents cname entries from being generated successfully Fix build on RHEL9 based distributions fence-agents-a...

Security update for cobbler (important)

openSUSE Security Update: Security update for cobbler Announcement ID: openSUSE-SU-2024:0382-1 Rating: important References: 1203478 1204900 1205489 1205749 1206060 1206160 1206520 1207595 1209149 1219933 1231332 Cross-References: CVE-2024-47533 CVSS scores: CVE-2024-47533 SUSE: 9.8...

MAL-2024-11108 Malicious code in sync-ghes-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6392f0dcc6aab8ef4f6f380e3278d8b439e146ff540bd1c9e5b445a71ee577cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

OPENSUSE-SU-2024:0370-1 Security update for cobbler

This update for cobbler fixes the following issues: Update to 3.3.7 Security: Fix issue that allowed anyone to connect to the API as admin CVE-2024-47533, boo1231332 bind - Fix bug that prevents cname entries from being generated successfully Fix build on RHEL9 based distributions fence-agents-al...

Security update for cobbler (critical)

openSUSE Security Update: Security update for cobbler Announcement ID: openSUSE-SU-2024:0370-1 Rating: critical References: 1231332 Cross-References: CVE-2024-47533 CVSS scores: CVE-2024-47533 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP6 ...

SUSE CVE-2024-53086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xesyncinfenceget failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095...

DEBIAN-CVE-2024-53088

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

AZL-53954 CVE-2024-53088 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

UBUNTU-CVE-2024-53088

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53088 i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53088 i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53088 i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a VM dma-resv lock release on xesyncinfenceget failure. No detailed vulnerability details are provided at th...

SUSE-SU-2024:4011-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 - Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...

SUSE-SU-2024:4010-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 - Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...

SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...

CVE-2024-52522

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target...