ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

Input validation

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042)

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerabilities,...

Update 18.5 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.5.29545, Platform Build 18.0.29486): September 14, 2021 (KB5006076)

Update 18.5 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.5.29545, Platform Build 18.0.29486): September 14, 2021 (KB5006076) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes a...

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024)

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024) Summary This security update resolves Microsoft SharePoint Server spoofing vulnerabilities. To learn more about the vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-38651...

K41043270 : Intel processor vulnerabilities CVE-2021-0086 and CVE-2021-0089

Security Advisory Description CVE-2021-0086 Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 Observable response discrepancy in some Intel(R)...

Connected Farms Easy Pickings for Global Food Supply-Chain Hack

A group of hackers made an unnerving DEF CON 29 presentation showing how the sprawling growth of digital and automated farming has left the world’s food supply chain vulnerable to cyberattack. A video for DEF CON 29 hacker conference this week put out by the group Sick Codes explained that modern.....

TeamCity Server < 2020.2.4 Multiple Vulnerabilities

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2020.2.4. It is, therefore, affected by multiple vulnerabilities: A command injection vulnerability exists in JetBrains TeamCity. An unauthenticated, remote ...

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992)

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, SharePoint Server spoofing vulnerability, and SharePoint Server information disclosure...

Update 18.3 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.3.27480, Platform Build 18.0.27469)

Update 18.3 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.3.27480, Platform Build 18.0.27469) Overview This update replaces previously released updates. You should always install the latest update. For more information, see CVE-2021-34474.After you install...

SUSE: Security Advisory (SUSE-SU-2017:0494-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2016:3115-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2017:0437-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2017:0333-1)

The remote host is missing an update for...

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962)

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962) Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, SharePoint spoofing vulnerability, SharePoint Server remote code execution vulnerability, and SharePoint...

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935)

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, information disclosure vulnerability, and spoofing vulnerability, and Microsoft SharePoint remote...

SUSE: Security Advisory (SUSE-SU-2017:0464-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2016:2828-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2016:2505-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2017:0471-1)

The remote host is missing an update for...

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238)

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238) Summary This security update resolves a Microsoft SharePoint Spoofing Vulnerability. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-24104 and...

Denial of service attack via .well-known lookups

Impact A malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which...

Denial of service attack via .well-known lookups

Impact A malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which...

Denial Of Service (DoS)

matrix-synapse is vulnerable to denial of service. A malicious homeserver is able to redirect requests to a very large .well-known file that leads to a denial of service condition where homeservers will consume significantly more resources when requesting the malicious .well-known...

Denial Of Service (DoS)

matrix-synapse is vulnerable to denial of service (DoS). The vulnerability exists as a malicious homeserver could redirect requests to their .well-known file to a large...

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

PYSEC-2021-132

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

Code injection

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

CVE-2021-21274 Denial of service attack via .well-known lookups

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

openSUSE Security Update : buildah / libcontainers-common / podman (openSUSE-2021-310)

This update for buildah, libcontainers-common, podman fixes the following issues : Changes in libcontainers-common : Update common to 0.33.0 Update image to 5.9.0 Update podman to 2.2.1 Update storage to 1.24.5 Switch to seccomp profile provided by common instead of podman Update...

Security update for buildah, libcontainers-common, podman (moderate)

An update that fixes two vulnerabilities is now available. Description: This update for buildah, libcontainers-common, podman fixes the following issues: Changes in libcontainers-common: Update common to 0.33.0 Update image to 5.9.0 Update podman to 2.2.1 Update storage to 1.24.5 Switch to...

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210)

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210) Summary This security update resolves Microsoft SharePoint Spoofing Vulnerability, SharePoint Remote Code Execution Vulnerability, and SharePoint Information Disclosure Vulnerability. To learn more...

Description of the security update for SharePoint Foundation 2013: January 12, 2021

Description of the security update for SharePoint Foundation 2013: January 12, 2021 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

Description of the security update for SharePoint Foundation 2013: December 8, 2020

Description of the security update for SharePoint Foundation 2013: December 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

Exploit for Cross-site Scripting in Ant.Design Ant Design Pro

English | 简体中文 |...

Description of the security update for SharePoint Foundation 2013: November 10, 2020

Description of the security update for SharePoint Foundation 2013: November 10, 2020 NoticeWe declare System.Web.UI.WebControls.PasswordRecovery to be an unsafe control because of security concerns. Therefore, we recommend that you no longer user it. Summary This security update resolves...

mon-espace-douche.com Cross Site Scripting vulnerability OBB-1470389

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues.

Summary The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an...

espace-emplois.fr Cross Site Scripting vulnerability OBB-1455125

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

espace-mandela-lca.com Cross Site Scripting vulnerability OBB-1449506

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Description of the security update for SharePoint Foundation 2013: October 13, 2020

Description of the security update for SharePoint Foundation 2013: October 13, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

EulerOS Virtualization for ARM 64 3.0.6.0 : libXrender (EulerOS-SA-2020-2020)

According to the versions of the libXrender package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger ...

Huawei EulerOS: Security Advisory for libXrender (EulerOS-SA-2020-2020)

The remote host is missing an update for the Huawei...

espace-client.fletesia.fr Cross Site Scripting vulnerability OBB-1334639

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Description of the security update for SharePoint Foundation 2013: September 8, 2020

Description of the security update for SharePoint Foundation 2013: September 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the.....