PT-2021-8083 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the incorrect initialization of dev-work after calling input register device in the appletouch component of the Linux kernel. This may cause a warning in flush...

CVE-2021-45704

An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket unconditionally implements the Send and Sync traits...

CVE-2021-45704

CVE-2021-45704 affects the Rust metrics-util crate prior to 0.7.0. The issue is a data race and potential memory corruption caused by AtomicBucket unconditionally implementing Send/Sync, which allows concurrent access to inner data that may not be Sync. Public advisories (Red Hat, OSV, GitHub, CN...

[SECURITY] Fedora 34 Update: calibre-4.23.0-8.fc34

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

Microsoft Azure Defender for IoT sync Endpoint SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft Azure Defender for IoT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sync endpoint. The issue results from the lack of proper validation ...

A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22.

...

Azure File Sync Agent v14.1 Release – November 2021 (KB5001873)

Update for Azure File Sync agent version 14.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Privilege Escalation

github.com/couchbase/syncgateway is vulnerable to privilege escalation. The vulnerability exists because of storage of bucket credentials in the metadata within sync documents written to the bucket, allowing a user with read privilege to perform write access to data in Couchbase Server. Note: Thi...

Azure File Sync Agent v14.1 Release – November 2021 (KB5001873)

Update for Azure File Sync agent version 14.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v14.1 Release – November 2021 (KB5001873)

Update for Azure File Sync agent version 14.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v14.1 Release – November 2021 (KB5001873)

Update for Azure File Sync agent version 14.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

CVE-2021-43820

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...

CVE-2021-43820

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...

CVE-2021-43820

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...

Design/Logic Flaw

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...

CVE-2021-43820

The CVE-2021-43820 entries describe a permissions-check bypass in Seafile: the in-memory sync token cache does not verify library association in the request URL, allowing a token to access data from any known library if the attacker discovers a library ID. Affected product: Seafile (Seaf-server t...

REST API Error: S3 Error: The difference between the request time and the current time is too large / Invalid Credentials for Amazon S3

Challenge This article covers two different errors that occur when performing different tasks, but have the same root cause: When adding S3 Object Storage to Veeam Console, Veeam displays the follow error: Failed to list S3 buckets: check if the specified account has required permissions REST API...

CVE-2021-43963

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...

CVE-2021-43963

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...

Design/Logic Flaw

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...