CVE-2025-40221
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `scan` structure is...
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin,...
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions. More information: https://www.synology.com/en-global/security/advisory/Synology_SA_25_05
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don’t rely on user vaddr alignment There is no guaranteed alignment for user pointers, however the calculation of an offset of the first...
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now. More information: https://git.kernel.org/stable/c/3c17001b21b9f168c957ced9384abe969019b609
In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success DAMON’s virtual address space operation set implementation (vaddr) calls pte_offset_map_lock() inside the page table walk callback function....
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriov_disable() first removes the PCI...
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=test_site_domain of the component Project Domain Change Test. This manipulation of the argument v causes...
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files. More information: https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata and path information. More information: https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. More information: https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages. More information: https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of...
A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the file /admin79f2ec220c7e.php?c=api&m=demo&name=mobile of the component Domain Name Binding Page. The manipulation results in cross site scripting. The...