Lucene search

23 matches found

Microsoft KB
added 2026/03/10 2:0 p.m. | 9 views

KB5077474 - Description of the security update for SQL Server 2016 SP3 GDR: March 10, 2026

Summary: This security update contains...

CVSS 8.8 | AI score 5.8 | EPSS 0.00139
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2012-4325

Malware in sbrugna...

CVSS 4.9 | AI score 5.1 | EPSS 0.00288
Exploits: 0 | References: 6
CVE
added 2025/09/15 2:21 p.m. | 11 views

CVE-2023-53207

CVE-2023-53207 applies to the Linux kernel ublk subsystem. The issue arises in ublk_ctrl_end_recovery: if wait_for_completion_interruptible() is interrupted by a signal, queues aren’t yet fully set up, so the kernel must fail UBLK_CMD_END_USER_RECOVERY to avoid a kernel oops. The CVSS 3.1 data in...

CVSS 5.5 | AI score 6.1 | EPSS 0.00017
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2025/09/15 2:21 p.m. | 2 views

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted. In ublk_ctrl_end_recovery, if wait_for_completion_interruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_END_USER_RECOVERY,...

CVSS 5.5 | AI score 6.1 | EPSS 0.00017
Exploits: 0 | References: 6
AstraLinux
added 2025/06/16 11:28 a.m. | 2 views

Astra Linux - vulnerability in linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublk_abort_queue. Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

CVSS 5.5 | AI score 6.2 | EPSS 0.00065
Exploits: 0 | References: 3
RedhatCVE
added 2025/05/23 4:4 a.m. | 5 views

CVE-2023-37303

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain situations, an attempt to block a user fails after a temporary browser hang and a DBQueryDisconnectedError error message...

CVSS 9.8 | AI score 6.7 | EPSS 0.00243
Exploits: 1
OSV
added 2025/04/03 2:13 p.m. | 6 views

BIT-JOOMLA-2021-26037 [20210703] - Core - Lack of enforced session termination

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly terminate existing user sessions when a user's password was changed or the user was blocked...

CVSS 5.3 | AI score 5.6 | EPSS 0.00009
Exploits: 0 | References: 2
Code423n4
added 2023/12/29 12:0 a.m. | 9 views

Upgraded Q -> 2 from #8 [1703832984112]

Judge has assessed an item in Issue 8 as 2 risk. The relevant finding follows: Remove WLP from whitelist should not block user from removing WLP...

AI score 7.1
Exploits: 0
CVE
added 2023/06/30 12:0 a.m. | 48 views

CVE-2023-37303

CVE-2023-37303 affects MediaWiki’s CheckUser extension up to 1.39.3, where attempting to block a user can hang the browser and trigger a DBQueryDisconnectedError, potentially impacting availability of user-blocking functionality. Connected advisories corroborate a vulnerability in MediaWiki-relat...

CVSS 9.8 | AI score 9.3 | EPSS 0.00243
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2022/10/13 12:0 a.m. | 39 views

CVE-2022-39229 Grafana users with email as a username can block other users from signing in

Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else's email address as a username. A Grafana user’s username and email address are unique fields, th...

CVSS 4.3 | AI score 7.1 | EPSS 0.00056
Exploits: 0 | References: 5
Code423n4
added 2021/11/15 12:0 a.m. | 6 views

Unrestricted vestFor

Handle: pauliax. Vulnerability details. Impact: Anyone can call function vestFor and block any user with a tiny amount of Vader. This function has no auth checks so a malicious actor can front-run legit vestFor calls with insignificant amounts. This function locks the user for 365 days and does not...

AI score 6.9
Exploits: 0
OSV
added 2021/07/07 11:15 a.m. | 12 views

CVE-2021-26037

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly terminate existing user sessions when a user's password was changed or the user was blocked...

CVSS 5.3 | AI score 6.9
Exploits: 0 | References: 1
Positive Technologies
added 2021/07/07 12:0 a.m. | 1 views

PT-2021-16930 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.27 Description: An issue was discovered in the CMS functions where existing user sessions were not properly terminated when a user's password was changed or the user was blocked. Recommendations: For Joomla!...

CVSS 5.3 | AI score 7.1 | EPSS 0.00009
Exploits: 0 | References: 6
CNNVD
added 2021/03/15 12:0 a.m. | 3 views

Moodle information disclosure vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. There is a security vulnerability in moodle that stems from viewing the full name of another user without permission via the online use...

CVSS 5.3 | AI score 5.5 | EPSS 0.00208
Exploits: 0 | References: 7
OSV
added 2018/07/03 10:29 a.m. | 1 views

DEBIAN-CVE-2018-13097

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service BUG...

CVSS 5.5 | AI score 7.3 | EPSS 0.00216
Exploits: 0 | References: 1
CNVD
added 2018/07/03 12:0 a.m. | 2 views

Linux kernel denial of service vulnerability (CNVD-2018-12667)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial-of-service vulnerability exists in fs/f2fs/super.c in 4.17.3 and earlier versions of the Linux kernel. An...

CVSS 5.5 | AI score 5.8 | EPSS 0.00216
Exploits: 0 | References: 1
OSV
added 2018/07/03 12:0 a.m. | 1 views

UBUNTU-CVE-2018-13097

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service BUG...

CVSS 5.5 | AI score 6.7 | EPSS 0.00216
Exploits: 0 | References: 10
UbuntuCve
added 2017/10/19 9:29 p.m. | 15 views

CVE-2012-4382

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt...

CVSS 4.9 | AI score 6.3 | EPSS 0.00288
Exploits: 0 | References: 2
Prion
added 2017/10/19 9:29 p.m. | 12 views

Design/Logic Flaw

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt...

CVSS 4 | AI score 6.8 | EPSS 0.00288
Exploits: 0 | References: 5 | Affected Software: 1
NVD
added 2017/10/19 9:29 p.m. | 12 views

CVE-2012-4382

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt...

CVSS 4.9 | AI score 5.8 | EPSS 0.00288
Exploits: 0 | References: 5