Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.14-alt1

April 17, 2021 Vitaly Lipatov 3.1.14-alt1 - .NET Core 3.1.14 and .NET Core SDK 3.1.408 - CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.5-alt1

April 17, 2021 Vitaly Lipatov 5.0.5-alt1 - .NET 5.0.5 and .NET SDK 5.0.202 - CVE-2021-26701: .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.14-alt1

April 17, 2021 Vitaly Lipatov 3.1.14-alt1 - .NET Core 3.1.14 and .NET Core SDK 3.1.408 - CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability...

Homebrew: Brew bootstrap process is insecure

The process described in this page is not secure - no checksum / PGP signature is published and there is no way to check the download is legit: https://brew.sh/ "/bin/bash -c "$curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh"" This can lead to supply chain attacks su...

openSUSE: Security Advisory for crmsh (openSUSE-SU-2021:0410-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, (Moderate) (RHSA-2021:1169)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1169 advisory. The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as...

nodejs-bootstrap-select: not escaping title values on <option> may lead to XSS

bootstrap-select before 1.13.6 allows Cross-Site Scripting XSS. It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser...

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, bug fix, enhance

An update for org.ovirt.engine-root, ovirt-engine-ui-extensions, and ovirt-web-ui is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

nodejs-bootstrap-select: not escaping title values on <option> may lead to XSS

bootstrap-select before 1.13.6 allows Cross-Site Scripting XSS. It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser...

XSS Vulnerability in Heybbs Frontend

HEYBBS Micro Community is a bootstrap+php+mysqli based development program. Heybbs frontend has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...

Security update for crmsh (important)

openSUSE Security Update: Security update for crmsh Announcement ID: openSUSE-SU-2021:0410-1 Rating: important References: 1154927 1178454 1178869 1179999 1180126 1180137 1180571 1180688 1181415 Cross-References: CVE-2020-35459 CVE-2021-3020 CVSS scores: CVE-2020-35459 NVD : 7.8...

Logic flaw vulnerability in oasys

oasys is an OA office automation system , the use of Maven for project management , springboot framework based on the development of the project , mysql underlying database , the front-end freemarker template engine , Bootstrap as the front-end UI framework , integrated jpa, mybatis and other...

Security fix for the ALT Linux 9 package dotnet-bootstrap-2.1 version 2.1.25-alt1

2.1.25-alt1 built March 1, 2021 Vitaly Lipatov in task 266708 --- Feb. 17, 2021 Vitaly Lipatov - new version 2.1.25 with rpmgs script - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.12-alt1

3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task 266709 Feb. 17, 2021 Vitaly Lipatov - new version 3.1.12 with rpmgs script - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Design/Logic Flaw

A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this...

fastadmin 跨站脚本漏洞

fastadmin is a web backend development framework based on ThinkPHP and Bootstrap. A cross-site scripting vulnerability exists in fastadmin V1.0.0.20200506beta, which stems from the lack of proper validation of client-side data in WEB applications. An attacker can obtain administrator credentials ...

Security fix for the ALT Linux 10 package dotnet-bootstrap-6.0 version 6.0.0.preview.1-alt1

Feb. 23, 2021 Vitaly Lipatov 6.0.0.preview.1-alt1 Wed Feb 17 2021 Vitaly Lipatov &[email protected] 5.0.3-alt1 - .NET 5.0.3 and .NET SDK 5.0.103 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 10 package dotnet-bootstrap-7.0 version 6.0.0.preview.1-alt1

Feb. 23, 2021 Vitaly Lipatov 6.0.0.preview.1-alt1 Wed Feb 17 2021 Vitaly Lipatov &[email protected] 5.0.3-alt1 - .NET 5.0.3 and .NET SDK 5.0.103 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.3-alt1

5.0.3-alt1 built Feb. 18, 2021 Vitaly Lipatov in task 266508 Feb. 17, 2021 Vitaly Lipatov - .NET 5.0.3 and .NET SDK 5.0.103 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.12-alt1

Feb. 17, 2021 Vitaly Lipatov 3.1.12-alt1 - new version 3.1.12 with rpmgs script - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...