16 matches found
TYPO3 Install Tool vulnerable to Code Execution
Problem Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. The corresponding change for this advisory involves...
CVE-2020-9786
This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose...
Fedora 32 : drupal7 (2020-0b32a59b54)
https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...
Fedora 31 : drupal7 (2020-fbb94073a1)
https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...
Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) - Windows
Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Fedora 32 : drupal7 (2020-11be4b36d4)
Security fix for https://www.drupal.org/sa-core-2020-002 and https://www.drupal.org/sa-core-2020-003 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much ...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.7, and 8.8. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-002...
macOS 10.15.x < 10.15.4 / 10.14.x < 10.14.6 Security Update 2020-002 / 10.13.x < 10.13.6 Security Update 2020-002
The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2020-002, 10.14.x prior to 10.14.6 Security Update 2020-002, or 10.15.x prior to 10.15.4. It is, therefore, affected by multiple vulnerabilities : - Insufficient control flow in certain data...
Apple Mac OS X Security Update (HT211100)-02
Apple Mac OS X is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Apple Mac OS X Security Update (HT211100)-05
Apple Mac OS X is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DEBIAN-CVE-2020-10592
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service CPU consumption, aka TROVE-2020-002...
UBUNTU-CVE-2020-10592
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service CPU consumption, aka TROVE-2020-002...
CVE-2020-10592
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service CPU consumption, aka TROVE-2020-002...
openSUSE Security Update : nextcloud (openSUSE-2020-220)
This update for nextcloud fixes the following issues : Nextcloud was updated to 15.0.14 : - NC-SA-2020-002, CVE-2019-15613: workflow rules to depend their behaviour on the file extension when checking file mimetypes boo1162766 - NC-SA-2019-016, CVE-2019-15623: Exposure of Private Information caus...
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
More info at https://www.drupal.org/sa-core-2020-002...