Advisory ROSA-SA-2026-3306

Component: PHP 7.4.33 OS: ROSA-CHROME Affected versions: = php-7.4.33-13 Affected versions: php-7.4.33-13 CVE-ID: CVE-2024-5458 BDU-ID: 2024-04846 CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability in the filtervar function of the PHP interpreter involves insufficient validation of data...

AZL-54692 CVE-2024-56738 affecting package grub2 2.06-16

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

CVE-2024-53143 fsnotify: Fix ordering of iput() and watched_objects decrement

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput and watchedobjects decrement Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

WordPress Elementor plugin <= 3.24.5 - Authenticated (Contributor+) Basic Information Exposure via get_image_alt function vulnerability

Authenticated Contributor+ Basic Information Exposure via getimagealt function vulnerability discovered by stealthcopter in WordPress Plugin Elementor Website Builder versions = 3.24.5...