CVE-2021-47184

A NULL pointer dereference flaw was found in the Linux kernel, in VSI filter sync. This may lead to a crash...

WordPress Sheets to WP Table Live Sync plugin <= 3.5.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin FlexTable versions = 3.5.0...

WordPress Sync Post With Other Site plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) to XSS vulnerability

Cross Site Request Forgery CSRF to XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Sync Post With Other Site versions = 1.9.1...

WordPress Sync Post With Other Site Plugin <= 1.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sync Post With Other Site Type Plugin Vulnerable versions = 1.8 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32082 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 54246cdaae95 Credits Joshua Chan...

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CVE-2021-47184 i40e: Fix NULL ptr dereference on VSI filter sync

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CVE-2021-47184 i40e: Fix NULL ptr dereference on VSI filter sync

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CVE-2021-47184

CVE-2021-47184 relates to the Linux kernel issue where a NULL pointer dereference could occur in the VSI filter synchronization (i40e driver). The patch adds an I40E_VSI_RELEASING flag to coordinate VSI resource deletion/release with the sync filters subtask and removes the cause of the dereferen...

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

CD: Users with `create` but not `override` privileges can perform local sync

A flaw was found in the Argo CD package. An improper validation bug allows users to sync local manifests on app creation, who have create privileges but not override privileges. All other restrictions, including AppProject restrictions, are still enforced. The only restriction that is not enforce...

Important: Red Hat Security Advisory: GitOps 1.12.1- Argo CD CLI and MicroShift GitOps security update

An update is now available for Red Hat OpenShift GitOps v1.12.1 for Argo CD CLI and MicroShift GitOps. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

SUSE CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.4 security update

An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.3 security update

An update is now available for Red Hat OpenShift GitOps v1.11.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Sync-Scheduler: The Premier Document Stealer

...

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

CVE-2024-31851

CVE-2024-31851 – Path traversal in CData Sync (Java, embedded Jetty) Affected software: CData Sync Java edition prior to 23.4.8843 running with the embedded Jetty server. Vulnerability: Path traversal vulnerability allowing an unauthenticated remote attacker to access sensitive information and pe...

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...