3211 matches found
UBUNTU-CVE-2023-6932
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer to be mistakenly registered on an RCU read locked object which is freed by another thread. We recommend upgrading past...
CVE-2023-6932 Use-after-free in Linux kernel's ipv4: igmp component
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer to be mistakenly registered on an RCU read locked object which is freed by another thread. We recommend upgrading past...
Fortinet FortiOS Access Control Error Vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security features. An Access Control Error...
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all...
SUSE: Security Advisory (SUSE-SU-2023:4672-1)
The remote host is missing an update for the...
SUSE-SU-2023:4672-1 Security update for suse-build-key
This update for suse-build-key fixes the following issues: This update runs an import-suse-build-key script. The previous libzypp-post-script based installation is replaced with a systemd timer and service (bsc#1217215 bsc#1216410 jsc#PED-2777). - suse-build-key-import.service -...
PT-2023-36296 · Suse · Suse-Build-Key
Name of the Vulnerable Software and Affected Versions: suse-build-key (affected versions not specified). Description: This issue involves an update for suse-build-key that replaces the previous libzypp-post-script based installation with a systemd timer and service. The update imports the future SUS...
Citrix Server Idle Timer Policy does not take effect for Server VDA
Citrix Server Idle Timer Policy does not take effect for all Server VDAs. Configure Server Idle Timer Policy Interval on 2203CU1 DDC for all the Server VDAs, but after the time limit is reached, the expected idle window does not pop up...
The vulnerability of the batadv_dat_start_timer() function in the distributed-arp-table.c module of the B.A.T.M.A.N. network interface card of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the `batadv_dat_start_timer()` function in the distributed-arp-table.c module of the B.A.T.M.A.N. network interface card of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2023-47533
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin <= 1.8.2 versions...
CVE-2023-47533
CVE-2023-47533 affects the WordPress plugin Countdown and CountUp, WooCommerce Sales Timer (
CVE-2022-33898
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-33898
CVE-2022-33898 describes insecure inherited permissions in the Intel NUC Watchdog Timer software installer prior to version 2.0.21.0, potentially allowing an authenticated user to escalate privileges via local access. The Red Hat advisory reiterates the same description and lists affected Intel N...
WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Rocky Linux 9 : kernel (RLSA-2022:7318)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7318 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting t...
Oracle Linux 8 : kernel (ELSA-2020-3010)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3010 advisory. - vfio vfio/pci: Fix SR-IOV VF handling with MMIO blocking Alex Williamson 1837309 1837310 CVE-2020-12888 - x86 kvm: Clean up host's steal time structu...
ADC License in Grace Despite Being Connected. Not moving from 720 hours
ADC is connected to the license server connected to ADM or ADM Agent but is in grace state. `show ns licenseserver` License Server: xxxx.cloud.com Port: 27000 Status: Connected Grace: Yes Grace Time Left: 720 --- Timer never goes below 720 Done...
WordPress Countdown Timer Ultimate Plugin <= 2.4 is vulnerable to Broken Access Control
Software: Countdown Timer Ultimate; Type: Plugin; Vulnerable versions: <= 2.4; Fixed in: 2.4.1; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-40200; Patch priority: Low; CVSS severity: Low (5.3); PSID: 02b1dc1f96b2; Credits: Abdi Pranata; Required...
The vulnerability of the `cyttsp4_stop_wd_timer()` function in the `drivers/input/touchscreen/cyttsp4_core.c` file of the touchscreen sensor driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the `cyttsp4_stop_wd_timer()` function in the `drivers/input/touchscreen/cyttsp4_core.c` file of the Cypress TrueTouch Gen4 touchscreen driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources (race condition)...