257 matches found
RHEL 7 : sudo (RHSA-2021:0224)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0224 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Authentication flaw
SAP NetWeaver AS JAVA P2P Cluster Communication, versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. ...
Linux: Get crontab and /etc/cron.* scripts
Crontab is the program used to install, remove or list the tables used to drive the cron8 daemon. Each user can have their own crontab, and though these are files in /var/spool/, they are not intended to be edited directly. For SELinux in mls mode can be even more crontabs - for each range. Many ...
GaussDB Kernel: Using the Private User Solution
If the control permissions of system administrators for tables need to be isolated from their access permissions, that is, administrators can only perform control operations DROP, ALTER, and TRUNCATE on data and cannot perform access operations INSERT, DELETE, UPDATE, SELECT, and COPY, the privat...
Microsoft Releases Windows Security Updates For Critical Flaws
Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. The rollout addresses flaws, 17 of which are rated as Critical, 93 are rated...
CVE-2020-27708
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged...
Design/Logic Flaw
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged...
APICheck - The DevSecOps Toolset For REST APIs
APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers...
CVE-2020-10049
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system...
CVE-2020-10049
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system...
Security Bulletin: IBM Sterling Connect:Direct for UNIX Allows a User with Sudo Access Restricted to Certain Connect:Direct Executable Files to Expand Access Beyond the Restriction (CVE-2018-1903)
Summary UNIX system administrators may grant access to run certain executable files with expanded privilege via the sudo utility. Connect:Direct for UNIX has a vulnerability that could allow a user to escape this sudo executable file restriction and perform unauthorized commands with expanded...
[SECURITY] Fedora 31 Update: remmina-1.4.7-1.fc31
Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...
[SECURITY] Fedora 32 Update: remmina-1.4.7-1.fc32
Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...