80 matches found
CVE-2021-3901
firefly-iii is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2021-3901 Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
firefly-iii is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2021-3901
CVE-2021-3901 affects firefly-iii: Cross-Site Request Forgery (CSRF) in the web application. The vulnerability arises from insufficient request validation, enabling an attacker to cause unintended actions on behalf of authenticated users. CVSS data in the initial document lists CVSS v3.1 base sco...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9473)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9473 advisory. - ocfs2: subsystem.sumutex is required while accessing the item-ciparent alex chen Orabug: 29184589 CVE-2017-18216 - bcache: fix potential deadlock...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3901-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0117)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive...
Oracle Linux 7 : libpng (ELSA-2020-3901)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3901 advisory. - Fix CVE-2017-12652 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
Apple iCloud 10.x < 10.9.3 Multiple Vulnerabilities
According to its version, the iCloud application installed on the remote Windows host is 10.x prior to 10.9.3. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved restrictions. A file URL may be incorrectly processed. CVE-2020-3885 - A logic issue w...
Apple iCloud 7.x < 7.18 Multiple Vulnerabilities
According to its version, the iCloud application installed on the remote Windows host is 7.x prior to 7.18. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved restrictions. A file URL may be incorrectly processed. CVE-2020-3885 - A logic issue was...
GLSA-202006-08 : WebKitGTK+: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202006-08 WebKitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Debian: Security Advisory (DSA-4681-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4681-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4681-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 07, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4681-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4681-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 07, 2020 https://www.debian.org/security/faq -...
About the security content of iCloud for Windows 7.18 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of iCloud for Windows 10.9.3 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
CVE-2020-3901
CVE-2020-3901 is a WebKit type-confusion vulnerability addressed by Apple in iOS 13.4 / iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, and related Apple software. The initial description notes a memory-handling related type confusion that could allow arbitrary code execution when processing ma...
CVE-2020-3901
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrar...
RHEL 7 : kernel (RHSA-2020:1016)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1016 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out of bound read in DVB...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...