16 matches found

Packet Storm
added 2025/05/19 12:0 a.m. · 160 views

📄 Automic Automation Agent Unix Privilege Escalation

An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an ini file with the "authentication" option set to "PAM" and the "libName" option set to a shared object file controlled by the attacker. The shared object will be loaded in an...

8.3 AI score
Exploits 0

CNNVD
added 2025/05/19 12:0 a.m. · 3 views

Broadcom Automic Automation Agent Code Issue Vulnerability

Broadcom Automic Automation Agent is a Broadcom agent for enterprise-level task automation that supports cross-platform job scheduling, process orchestration, and IT O&M automation for automated management of complex business scenarios. A code issue vulnerability exists in Broadcom Automic...

8.5 CVSS · 7 AI score · 0.00516 EPSS
Exploits 2 · References 4

NCSC
added 2025/01/22 1:30 p.m. · 17 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed several vulnerabilities in its Communications products, including Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function and Oracle Communications Order and Service Management. The vulnerabilities allow unauthenticated malicious actors t...

10 CVSS · 7.5 AI score · 0.99957 EPSS
Exploits 102 · References 1

CNNVD
added 2024/07/29 12:0 a.m. · 2 views

Twisted Security Vulnerability

Twisted is an open source, event-driven web engine written in Python by Twisted Matrix Labs. A security vulnerability exists in Twisted version 24.3.0 and earlier, which stems from the fact that the HTTP 1.0 and 1.1 servers provided by twisted.web process pipelined HTTP...

8.3 CVSS · 8.1 AI score · 0.00856 EPSS
Exploits 0 · References 5

OSV
added 2024/07/15 9:30 a.m. · 11 views

SUSE-SU-2024:2481-1 Security update for python-black

This update for python-black fixes the following issues: Updated to version 24.3.0: - CVE-2024-21503: Fixed a performance downgrade on docstrings that contain large numbers of leading tab characters (bsc#1221530)...

5.3 CVSS · 5.4 AI score · 0.00971 EPSS
Exploits 0 · References 3

CNNVD
added 2024/05/31 12:0 a.m. · 4 views

Sentry Security Vulnerability

SENTRY is a bug tracking and performance monitoring platform for developers from SENTRY, Inc. A security vulnerability exists in Sentry versions 24.3.0 through 24.5.0, which stems from a Slack integration that discloses deprecated authentication tokens in logs...

2 CVSS · 7 AI score · 0.00575 EPSS
Exploits 0 · References 8

OSV
added 2024/03/19 5:15 a.m. · 160 views

PYSEC-2024-48

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

5.3 CVSS · 6.9 AI score · 0.00971 EPSS
Exploits 0 · References 4

AlpineLinux
added 2024/03/19 5:0 a.m. · 54 views

CVE-2024-21503

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

5.3 CVSS · 5.1 AI score · 0.00971 EPSS
Exploits 0

CNNVD
added 2024/03/19 12:0 a.m. · 3 views

black Security breach

Black is a Python code formatting program. A security vulnerability exists in versions prior to black 24.3.0 that stems from the lines_with_leading_tabs_expanded function in the strings.py file being vulnerable to a denial-of-service attack, which can be exploited to cause a denial of service by...

5.3 CVSS · 6.8 AI score · 0.00971 EPSS
Exploits 0 · References 5

Positive Technologies
added 2024/03/18 12:0 a.m. · 3 views

PT-2024-2442 · Black +1

Name of the Vulnerable Software and Affected Versions: black versions prior to 24.3.0 Description: The issue is related to a Regular Expression Denial of Service (ReDoS) vulnerability via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this by craftin...

5.3 CVSS · 6.3 AI score · 0.00971 EPSS
Exploits 0 · References 28

NVD
added 2024/01/22 3:15 a.m. · 15 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8 CVSS · 8.7 AI score · 0.00643 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2014/06/13 12:0 a.m. · 38 views

openSUSE Security Update : firefox / seamonkey / thunderbird (openSUSE-SU-2014:0212-1)

Mozilla Firefox was updated to version 27. Mozilla SeaMonkey was updated to 2.24, fixing similar issues as Firefox 27. Mozilla Thunderbird was updated to 24.3.0, fixing similar issues as Firefox 27. The Firefox 27 release brings TLS 1.2 support as a major security feature. It also fixes following...

10 CVSS · 7.7 AI score · 0.07072 EPSS
Exploits 12 · References 17

OpenVAS
added 2014/02/11 12:0 a.m. · 30 views

CentOS Update for firefox CESA-2014:0132 centos6

Check for the Version of firefox. OpenVAS Vulnerability Test: CentOS Update for firefox CESA-2014:0132 centos6. Authors: System Generated Check. Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

10 CVSS · 0.7 AI score · 0.07072 EPSS
Exploits 7 · References 2

Cent OS
added 2014/02/05 9:15 a.m. · 69 views

firefox security update

CentOS Errata and Security Advisory CESA-2014:0132 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVS...

10 CVSS · 7.1 AI score · 0.07072 EPSS
Exploits 7 · References 7

RedHat Linux
added 2014/02/04 8:16 p.m. · 36 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...

10 CVSS · 7.1 AI score · 0.07072 EPSS
Exploits 7 · References 8

Oracle linux
added 2014/02/04 12:0 a.m. · 47 views

firefox security update

24.3.0-2.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.3.0-2 - Update to 24.3.0 ESR Build 2 24.3.0-1 - Update to 24.3.0 ESR...

10 CVSS · 1.1 AI score · 0.07072 EPSS
Exploits 7