Azure File Sync Agent v18.1 Release – June 2024 (KB5023058)

Security Update for Azure File Sync agent version 18.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v17.3 Release – June 2024 (KB5039814)

Security Update for Azure File Sync agent version 17.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

Microsoft Azure File Sync Elevation of Privilege Vulnerability

...

Azure File Sync Agent v17.3 Release - June 2024 (Security-only update)

Azure File Sync Agent v17.3 Release - June 2024 Security-only update This article describes the improvements and issues that are fixed in the Azure File Sync Agent v17.1 release that is dated February 2024. Additionally, this article contains installation instructions for this release. Improvemen...

Azure File Sync Agent v18.1 Release - June 2024 (Security-only update)

Azure File Sync Agent v18.1 Release - June 2024 Security-only update This article describes the improvements and issues that are fixed in the Azure File Sync Agent v18.1 release that is dated June 2024. Additionally, this article contains installation instructions for this release. Improvements a...

KLA68916 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Azure Storage Movement Client Library...

Microsoft Azure Backlink Vulnerability

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Azure File Sync. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Azure Fi...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:3781)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3781 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

SUSE CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

A vulnerability was found in the Linux kernel's net rtl8xxxucore.c driver, where a race condition can lead to a use-after-free situation in the rtl8xxxustop function. This occurs when the workqueue is still running but the driver has been stopped and can lead to c2hcmdwork attempting to access...

PT-2024-27437 · Jan · Jan

Name of the Vulnerable Software and Affected Versions: Jan version 0.4.12 Description: The issue allows attackers to execute arbitrary code via uploading a crafted file to the "/v1/app/appendFileSync" interface. Recommendations: For Jan version 0.4.12, as a temporary workaround, consider disablin...

[SECURITY] Fedora 39 Update: rust-asahi-btsync-0.2.0-3.fc39

A tool to sync Bluetooth pairing keys with macos on ARM Macs...

PT-2024-4058 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version V9.3.5u.6369 B20220309 Description: The issue is related to the NTPSyncWithHost function in the TOTOLINK LR350 router's firmware, which lacks input validation. This can be exploited by a remote attacker to execute...

SUSE CVE-2023-52847

In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv-timeout timer There may be some a race condition between timer function bttvirqtimeout and bttvremove. The timer is setup in probe and there is no timerdelete operation in remove...

SUSE CVE-2024-36011

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hcilebigsyncestablishedevt...

[SECURITY] Fedora 40 Update: nextcloud-28.0.5-2.fc40

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

Oracle Linux 8 : pcs (ELSA-2024-2953)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2953 advisory. - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 Tenable has extracted th...

DEBIAN-CVE-2021-47512

In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: prevent dismantle issue For some reason, fqpiedestroy did not copy working code from piedestroy and other qdiscs, thus causing elusive bug. Before calling deltimersync&q-adapttimer, we need to ensure timer will...

UBUNTU-CVE-2021-47512

In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: prevent dismantle issue For some reason, fqpiedestroy did not copy working code from piedestroy and other qdiscs, thus causing elusive bug. Before calling deltimersync&q-adapttimer, we need to ensure timer will...

CVE-2023-49575

A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /setupsmtp in smtpserver, smtpuser, smtppassword an...