The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding “!= 0” comparisons to the…

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac…

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created…

A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function. Zafiyet…

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null…

A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in…

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where…

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an…

In Moodle, in some circumstances, email notifications of messages could have the link back to the original message hidden by HTML, which may pose a…

In Moodle, Users’ names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk. Zafiyet ile ilgili Genel Bilgi, Etki ve…