Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 contains a reflected cross-site scripting (XSS) vulnerability in the Classic Webmail REST interface (/h/rest). The application fails to properly sanitize user-supplied input, allowing an unauthenticated attacker to inject malicious JavaScript into a cr…

In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure ctx->rings is stable for task work flags manipulation If DEFER_TASKRUN | SETUP_TASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORING_SQ_TASKRUN to happen i…

SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.

In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlan_common_newlink() error path valis reported that a race condition still happens after my prior patch. macvlan_common_newlink() might have made @dev visible before detecting an error…

In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions (iptunnel_xmit, ip6tunnel_xmit) lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tun…

An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. An XML External Entity (XXE) vulnerability exists in the Zimbra Exchange Web Services (EWS) SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML pa…

Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated attacker can exploit thi…

File Thinghie 2.5.7 is vulnerable to Cross Site Scripting (XSS). A malicious user can leverage the "dir" parameter of the GET request to invoke arbitrary javascript code.

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. I…

File Thingie 2.5.7 is vulnerable to Directory Traversal. A malicious user can leverage the "create folder from url" functionality of the application to read arbitrary files on the target system.