kernel: ALSA: usb-audio: Fix potential memory leaks

A memory leak was found in the Linux kernel's USB audio driver in the synchronization endpoint URB allocation path. When memory allocation fails partway through allocating URBs for a sync endpoint, the error handling code fails to release the partially allocated URBs because the endpoint's URB...

kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free

A use-after-free vulnerability was found in the Linux kernel Intel i915 graphics driver's GuC virtual engine request handling. A local user with access to GPU rendering can create requests on GuC virtual engines and trap references via syncfile or dmabuf, causing fence release operations to acces...

sync-solutions.be Cross Site Scripting vulnerability OBB-3311413

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2025-8570 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue exists around sysctl fib sync mem in the Linux kernel. The problem occurs because sysctl fib sync mem can be changed concurrently while being read, which can lead to...

CVE-2023-30844 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

Design/Logic Flaw

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...

PT-2023-22999 · Mutagen +1 · Mutagen +1

Name of the Vulnerable Software and Affected Versions: Mutagen versions prior to 0.16.6 Mutagen versions prior to 0.17.1 mutagen-compose versions prior to 0.17.1 Description: The issue affects Mutagen's list and monitor commands, making them susceptible to control characters provided by remote...

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 CVSS score: 9.8, the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticate...

Google’s Authenticator App Now Lets You Sync 2FA Codes Across Devices

You can now sync sign-in codes across devices—but they aren’t end-to-end encrypted...

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords TOTPs to the cloud. "This change means users are better protected from lockout and...

April 25, 2023—KB5025297 (OS Build 19045.2913) Preview

April 25, 2023—KB5025297 OS Build 19045.2913 Preview 3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates known as the "B" or...

Spring cleaning tips for your browser

When you are resting up from the physical part of your spring cleaning and youre sitting behind your laptop or swiping left on your phone, why dont you speed up your browsing experience with a few simple actions? Lets start with your browser, as that usually has the most impact on your perception...

sync-sign.com Cross Site Scripting vulnerability OBB-3262624

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

openSUSE 15 Security Update : nextcloud-desktop (openSUSE-SU-2023:0090-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0090-1 advisory. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client...

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2023-30513 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2023-30513 Source advisory: OSV:GHSA-V5HQ-CQQR-6W4G...

In the Linux kernel through 6.2.8 net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element but do not.

...

Azure File Sync Agent v16.0 Release – January 2023 (KB5013877)

Update for Azure File Sync agent version 16.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v16.0 Release – January 2023 (KB5013877)

Update for Azure File Sync agent version 16.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v16.0 Release – January 2023 (KB5013877)

Update for Azure File Sync agent version 16.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v16.0 Release – January 2023 (KB5013877)

Update for Azure File Sync agent version 16.0.0.0. For more details, see the associated Microsoft Knowledge Base article...