USN-6635-1: Linux kernel (GCP) vulnerabilities
It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a...
USN-6608-2: Linux kernel (NVIDIA) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situations,...
USN-6626-2: Linux kernel vulnerabilities
Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session operations. A remote attacker could use...
USN-6629-2: UltraJSON vulnerability
USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled...
SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 13 SEC Consult Vulnerability Lab Security Advisory < 20240212-0 > title: Multiple Stored...
Stored XSS and RCE – adaptcmsv3.0.3
Posted by Andrey Stoykov on Feb 13 # Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 # Date: 02/2024 # Exploit Author: Andrey Stoykov #...
OXAS-ADV-2023-0007: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on Feb 13 Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed...
Android passkeys unexpectedly deleted or useless after sync
Posted by Erik van Straten (FD) on Feb 13 *INTRODUCTION* Passkeys on Android are stored in Google Password Manager by default. The user cannot make...
Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables
Posted by Austin DeFrancesco via Fulldisclosure on Feb 13 Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables Contents:...
Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)
Posted by Austin DeFrancesco via Fulldisclosure on Feb 13 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749) Contents: Summary...