Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure that the write index cannot be negative. The write index indicates which event the data corresponds to and accesses a per-file array. This index is passed by user processes during write calls as the fir...

GHSA-PFCQ-4GJR-6GJM RustFS: Missing admin authorization on notification target endpoints allows unauthenticated configuration of event webhooks

Missing Admin Auth on Notification Target Endpoints in RustFS Finding Summary All four notification target admin API endpoints in rustfs/src/admin/handlers/event.rs use a checkpermissions helper that validates authentication only access key + session token, without performing any admin-action...

CVE-2026-39889 PraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U Server

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U Agent-to-User event stream server in PraisonAI exposes all agent activity without authentication. The createa2uroutes function registers the following endpoints with NO authentication checks: /a2u/info, /a2u/subscribe,...

SUSE CVE-2023-54139

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

EUVD-2023-60306

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

CVE-2023-54139

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

CVE-2023-54139

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

UBUNTU-CVE-2023-54139

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

CVE-2023-54139 tracing/user_events: Ensure write index cannot be negative

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

CVE-2023-54139

The CVE-2023-54139 entry concerns the Linux kernel component tracing/user_events. The vulnerability arises from a write() path where the event write index, supplied by user data as the first 4 bytes, can be negative, leading to out-of-bounds access to a per-file event array. The root cause is imp...

CVE-2023-54139 tracing/user_events: Ensure write index cannot be negative

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

PT-2025-53216

In the Linux kernel, the following vulnerability has been resolved: tracing/user events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

EUVD-2018-4366

Malware in sbrugna...

Announcing The Wordfence Audit Log: Off-Site Real-Time Security Event Logging for WordPress

Today the Wordfence team is proud to announce an exciting new feature: The Wordfence Audit Log, included in the Wordfence 8.0 release. The audit log captures and stores security-related events on your website as they happen, and sends them securely to an off-site location to protect them from...

AZL-48692 CVE-2024-43891 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

DEBIAN-CVE-2024-43891

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

SUSE CVE-2024-27067

In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIGDEBUGSHIRQ. This might cause a WARN in the handle...

BIT-MATTERMOST-2023-1775

When running in a High Availability configuration, Mattermost fails to sanitize some of the userupdated and postdeleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients...

SUSE CVE-2018-12392

When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...

Access Restriction Bypass

Moodle is vulnerable to access restriction bypass. The calendar:manageentries capability are not restricted from accessing user level events, allowing user with manager role to edit user events...