
546 matches found

GithubExploit
added 2021/12/09 11:25 a.m., 555 views

Exploit for Path Traversal in Grafana

Grafana V8. Arbitrary File Reading Vulnerability – Multi-t...

7.5 CVSS, 7.4 AI score, 0.94438 EPSS
Exploits 44
CNVD
added 2021/11/16 12:0 a.m., 15 views

Dell PowerScale OneFS Denial of Service Vulnerability

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS that stems from Dell PowerScale OneFS containing asynchronous access to shared data in the context of multi-threaded SMB CA processing. An...

6.5 CVSS, 6.7 AI score, 0.00237 EPSS
Exploits 0, References 1
NVD
added 2021/11/01 1:15 p.m., 11 views

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

5.5 CVSS, 0.00043 EPSS
Exploits 1, References 2
OSV
added 2021/11/01 1:15 p.m., 13 views

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

5.5 CVSS, 7.1 AI score
Exploits 0, References 2
Prion
added 2021/11/01 1:15 p.m., 17 views

Design/Logic Flaw

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

2.1 CVSS, 5.6 AI score, 0.00043 EPSS
Exploits 1, References 2, Affected Software 1
Debian CVE
added 2021/11/01 1:10 p.m., 17 views

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

5.5 CVSS, 5.7 AI score, 0.00043 EPSS
Exploits 1
Cvelist
added 2021/11/01 1:10 p.m., 14 views

CVE-2021-22564 Out of bounds Copy in Libjxl in large image groups

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

4.5 CVSS, 5.9 AI score, 0.00043 EPSS
Exploits 1, References 2
OSV
added 2021/10/20 6:7 p.m., 9 views

OPENSUSE-SU-2021:1390-1 Security update for ssh-audit

This update for ssh-audit fixes the following issues: ssh-audit was updated to version 2.5.0 Fixed crash when running host key tests. Handles server connection failures more gracefully. Now prints JSON with indents when -jj is used useful for debugging. Added MD5 fingerprints to verbose output...

5.9 CVSS, 5.7 AI score, 0.90356 EPSS
Exploits 23, References 2
OPENSUSE Linux
added 2021/10/20 12:0 a.m., 80 views

Security update for ssh-audit (moderate)

openSUSE Security Update: Security update for ssh-audit Announcement ID: openSUSE-SU-2021:1390-1 Rating: moderate References: Cross-References: CVE-2018-15473 CVSS scores: CVE-2018-15473 NVD : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2018-15473 SUSE: 5.8...

5.8 CVSS, 6.6 AI score, 0.90356 EPSS
Exploits 23
OSV
added 2021/10/18 2:6 p.m., 10 views

OPENSUSE-SU-2021:1383-1 Security update for ssh-audit

This update for ssh-audit fixes the following issues: ssh-audit was updated to version 2.5.0 Fixed crash when running host key tests. Handles server connection failures more gracefully. Now prints JSON with indents when -jj is used useful for debugging. Added MD5 fingerprints to verbose output...

5.9 CVSS, 5.9 AI score, 0.90356 EPSS
Exploits 23, References 2
OSV
added 2021/09/21 7:13 a.m., 39 views

RLSA-2021:3590 Moderate: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.26. BZ1996693 Security Fixes: mysql: Server: Stored Procedure multiple...

7.2 CVSS, 7.9 AI score, 0.51799 EPSS
Exploits 3, References 142
Fedora
added 2021/08/25 8:5 p.m., 42 views

[SECURITY] Fedora 33 Update: community-mysql-8.0.26-1.fc33

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

6.8 CVSS, 2.7 AI score, 0.0044 EPSS
Exploits 0
OSV
added 2021/07/27 8:39 a.m., 3 views

SUSE-SU-2021:2473-1 Security update for slurm

This update for slurm fixes the following issues: Updated to 20.11.7 Summary of new features: CVE-2021-31215: Fixed a remote code execution as SlurmUser bsc1186024. slurmd - handle configless failures gracefully instead of hanging indefinitely. select/constres - fix Dragonfly topology not selecti...

8.8 CVSS, 9.1 AI score, 0.02472 EPSS
Exploits 0, References 4
Malwarebytes
added 2021/07/23 11:0 p.m., 522 views

AvosLocker enters the ransomware scene, asks for partners

This blog post was authored by Hasherezade In mid-July we responded to an incident that involved an attack on a Microsoft Exchange server. The threat actor used this entry point to get into a Domain Controller and then leveraged it as a springboard to deploy ransomware. While examining the...

7.2 AI score
Exploits 0
Kitploit
added 2021/07/19 12:30 p.m., 76 views

Orbitaldump - A Simple Multi-Threaded Distributed SSH Brute-Forcing Tool Written In Python

A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxies switch, it acts just like any other multi-threaded SSH brute-forcing scripts. When the --proxies switch is added, the script pulls a list usually thousands ...

7.6 AI score
Exploits 0, References 1
Rockylinux
added 2021/06/29 1:58 p.m., 12 views

rsyslog bug fix and enhancement update

An update is available for rsyslog. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It...

1.9 AI score
Exploits 0
Kitploit
added 2021/06/24 12:30 p.m., 258 views

Shreder - A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool

Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features Very fast password guessing, just one password in 0.1 second. Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds. Simple CLI and API usage. Installation pip3 install...

7.4 AI score
Exploits 0, References 1
Gentoo Linux
added 2021/05/26 12:0 a.m., 109 views

MySQL: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code with the privileges of the process,...

8.1 CVSS, 8.4 AI score, 0.51799 EPSS
Exploits 4
OSV
added 2021/05/18 6:20 a.m., 7 views

ALEA-2021:1893 new module: mariadb:10.5

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This enhancement update adds the mariadb:10.5 module to AlmaLinux BZ1855781 For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

7.3 AI score
Exploits 0, References 1
Rockylinux
added 2021/05/18 6:20 a.m., 14 views

new module: mariadb:10.5

An update is available for Judy, mariadb, galera. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL database server tha...

2.1 AI score
Exploits 0