226 matches found
Inateck BCST-60 Barcode Scanner Keystroke Injection Vulnerability
The Inateck BCST-60 is a barcode scanner that can be used wirelessly using 2.4 GHz radio communication or wired via USB. The Inateck BCST-60 Barcode Scanner suffers from a keystroke injection vulnerability that can be exploited by an attacker to send packets of data to a target system's USB...
[SECURITY] [DSA 4571-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4571-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2019 https://www.debian.org/security/faq -...
Solaris 10 (sparc) : 125719-60
X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Nov/04/19 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid130509; scriptversion"1.4";...
Mozilla: Caret character improperly escaped in origins
A vulnerability exists where the caret "^" character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Schneider Electric Altivar ATV930D45M3C Variable Speed Drive
Binary data 764314.prm...
Schneider Electric Altivar ATV930D45M3 Variable Speed Drive
Binary data 764313.prm...
Rockwell Automation ArmorPoint Chassis 60 Slot 1738 Chassis 60
Binary data 753701.prm...
Rockwell Automation PointIO Chassis 60 Slot 1734 Chassis 60
Binary data 753621.prm...
CVE-2018-5179
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...
CVE-2018-5179
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...
Code injection
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...
CVE-2018-5179
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...
CVE-2018-5179
Affected software: Chromium/Google Chrome (browser). Issue: CVE-2018-5179, within the ServiceWorker implementation, where the update() path could run indefinitely due to insufficient limits. Cause: described as an error in the ServiceWorker component; multiple vendor advisories map this CVE to pr...
CVE-2018-5179
Removed by vendor...
Windows/x86 - Download With TFTP And Execute Shellcode (Generator) (51-60 bytes)
!/bin/python Author: Semen Alexandrovich Lyhin. https://www.linkedin.com/in/semenlyhin/ This script generates x86 shellcode to download and execute .exe file via tftp. File name should be equal to: "1.exe" Lenght: 51-56 bytes, zero-free. import sys def GetOpcodesip,addr: command = r"tftp -i " + i...
Authorization
Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a tok...
Security fix for the ALT Linux 9 package polkit version 0.115-alt4
Dec. 6, 2018 Alexey Shabalin 0.115-alt4 - updated to 0.115-23fd211e - Port the JS authority to mozjs-60 - Move D-Bus policy file to /usr/share/dbus-1/system.d/ - Drop deprecated use of gtypeclassaddprivate - Allow negative uids/gids in PolkitUnixUser and Group objects fixed CVE-2018-19788...
SUSE-SU-2018:3591-2 Security update for MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss
This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. - New browser engine with speed improvements - Redesigned graphical user interface elements - Unified address and search bar for new installations - New tab page listing to...
US Postal Service Left 60 Million Users Data Exposed For Over a Year
The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The U.S.P.S. is an independent agency of the American federal government responsible for providing postal...
Debian DLA-1575-1 : thunderbird security update
Multiple security issues have been found in Thunderbird: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 52.x series has ended, so starting with this update we're...