Gwyn's Imagemap Selector Security Vulnerabilities

OneNav Beta 0.9.12 Cross Site Scripting

...

Microsoft SharePoint Server 2019 Remote Code Execution

...

Microsoft SharePoint Server 2019 - Remote Code Execution (2)

...

Microsoft SharePoint Server 2019 - Remote Code Execution Exploit (2)

...

Security update for the Linux Kernel (important)

An update that solves 52 vulnerabilities and has 250 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-33200: Enforcing incorrect limits for pointer...

Security update for the Linux Kernel (important)

An update that solves 52 vulnerabilities and has 187 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-33200: Enforcing incorrect limits for pointer...

Oracle Auditing Part 2: Mandatory and Fine-Grained Auditing

This is the second of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant (if you choose to use Pure Unified Auditing). Unified Auditing will be covered in the third part of this series...

SAP Internet Graphics Server (IGS) - XML External Entity Injection

SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection (XXE) vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML.....

Advisory ROSA-SA-2021-1835

Software: firefox 78.5.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-12400 CVE-Crit: MEDIUM CVE-DESC: When converting coordinates from projective to affine, modular inversion was not performed in constant time, leading to a possible time-based side-channel attack. This vulnerability affects Firefox <80 and....

An EPYC escape: Case-study of a KVM breakout

Posted by Felix Wilhelm, Project Zero Introduction KVM (for Kernel-based Virtual Machine) is the de-facto standard hypervisor for Linux-based cloud environments. Outside of Azure, almost all large-scale cloud and hosting providers are running on top of KVM, turning it into one of the fundamental...

Kubernetes: AWS Load Balancer Controller can be used by an attacker to modify rules of any Security Group that they are able to tag

Report Submission Form Summary: The IAM Policy of AWS Load Balancer Controller allows it to modify rules of any SG on the AWS Account. This is legitimately used to manage Security Groups created by the controller when an Ingress resource doesn’t explicit a SG. Annotations can be added to the...

Security update for the Linux Kernel (important)

An update that solves two vulnerabilities and has 57 fixes is now available. Description: The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-29650: Fixed an issue with the netfilter subsystem that...

SUSE: Security Advisory (SUSE-SU-2017:2812-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2014:0761-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2017:2815-1)

The remote host is missing an update for...

Uncontrolled Resource Consumption in XNIO

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

Uncontrolled Resource Consumption in XNIO

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

Debian: Security Advisory (DLA-2678-1)

The remote host is missing an update for the...

Debian DLA-2678-1 : ruby-nokogiri security update

An XXE vulnerability was found in Nokogiri, a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. XML Schemas parsed by Nokogiri::XML::Schema were trusted by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF....

[SECURITY] [DLA 2678-1] ruby-nokogiri security update

Debian LTS Advisory DLA-2678-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 06, 2021 https://wiki.debian.org/LTS Package : ruby-nokogiri Version : 1.6.8.1-1+deb9u1 CVE...

qemu security update

[15:4.2.1-9.el7] - Revert 'oslib-posix: refactor memory prealloc threads' (Mark Kanda) [Orabug: 32903662] - Revert 'oslib-posix: initialize backend memory objects in parallel' (Mark Kanda) [Orabug: 32903662] [15:4.2.1-8.el7] - i386/pc: let iterator handle regions below 4G (Joao Martins)...

Microsoft RDP Remote Code Execution

...

Microsoft RDP Remote Code Execution Exploit

...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

Design/Logic Flaw

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

Arkhota - A Web Brute Forcer For Android

What? Arkhota is a web (HTTP/S) brute forcer for Android. Why? A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device preparation. Also a phone takes less attention rather than a laptop/computer. For this...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

CVE-2020-14340

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through...

openSUSE Security Update : opera (openSUSE-2021-712)

This update for opera fixes the following issues : Update to version 76.0.4017.94 released on the stable branch Update to version 76.0.4017.88 CHR-8404 Update chromium on desktop-stable-90-4017 to 90.0.4430.85 DNA-92219 Add bookmark API supports to the front-end DNA-92409 [MAC]...

auth only works well with external functions

Handle gpersoon Vulnerability details Impact The auth modifier of AccessControl.sol doesn't work as you would expect. It checks if you are authorized for "msg.sig", however msg.sig is the signature of the first function you have called, not of the current function. So if you call function A, which....

openSUSE Security Update : the Linux Kernel (openSUSE-2021-758)

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was...

CVE-2021-32629

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

CVE-2021-32629

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

CVE-2021-32629

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

Heap overflow

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

PYSEC-2021-87

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

CVE-2021-32629 Memory access due to code generation flaw in Cranelift module

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in....

Security update for the Linux Kernel (important)

An update that solves 32 vulnerabilities and has 85 fixes is now available. Description: The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-3444: Fixed an issue with the bpf verifier which did...

Security update for exim (critical)

An update that fixes 30 vulnerabilities is now available. Description: This update for exim fixes the following issues: exim was updated to 4.94.2: security update (boo#1185631) * CVE-2020-28007: Link attack in Exim's log directory * CVE-2020-28008: Assorted attacks in Exim's spool directory *...

Security update for exim (critical)

An update that fixes 26 vulnerabilities is now available. Description: This update for exim fixes the following issues: Exim was updated to exim-4.94.2 security update (boo#1185631) * CVE-2020-28007: Link attack in Exim's log directory * CVE-2020-28008: Assorted attacks in Exim's spool...

openSUSE Security Update : nim (openSUSE-2021-618)

This update for nim fixes the following issues : num was updated to version 1.2.12 : Fixed GC crash resulting from inlining of the memory allocation procs Fixed “incorrect raises effect for $(NimNode)” (#17454) From version 1.2.10 : Fixed “JS backend doesn’t handle float->int ...

openSUSE Security Update : the Linux Kernel (openSUSE-2021-716)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-29650: The netfilter subsystem allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and ...

openSUSE Security Update : exim (openSUSE-2021-677) (Stack Clash)

This update for exim fixes the following issues : Exim was updated to exim-4.94.2 security update (boo#1185631) CVE-2020-28007: Link attack in Exim's log directory CVE-2020-28008: Assorted attacks in Exim's spool directory CVE-2020-28014: Arbitrary PID file creation CVE-2020-28011:...

CVE-2021-29046

Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2021-29046

Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2021-29046

Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the...

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the...