Fedoraproject ≫ Fedora

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM me...

Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough

Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default

Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export

Moodle before 2.2.2: Overview report allows users to see hidden courses

Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php

Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results

Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.