CVE-2017-13166

A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space...

The Windows Vista Application Compatibility Update

The Windows Vista Application Compatibility Update The update that is described in this article was replaced by a more recent update. To apply the latest update, please click the following article number to view the article in the Microsoft Knowledge Base: 935280 July 2007 Windows Vista Applicati...

Compatibility update is available for Windows 8 and Windows Server 2012

Compatibility update is available for Windows 8 and Windows Server 2012 Summary A compatibility update is a software update that improves the compatibility experience in Windows 8 and in Windows Server 2012. Microsoft regularly releases Windows compatibility updates to improve the overall user...

Compatibility update is available for Windows 8 and Windows Server 2012

Compatibility update is available for Windows 8 and Windows Server 2012 Summary A compatibility update is a software update that improves the compatibility experience in Windows 8 and in Windows Server 2012. Microsoft regularly releases Windows compatibility updates to improve the overall user...

Compatibility update is available for Windows 8 and Windows Server 2012

Compatibility update is available for Windows 8 and Windows Server 2012 Summary A compatibility update is a software update that improves the compatibility experience in Windows 8 and in Windows Server 2012. Microsoft regularly releases Windows compatibility updates to improve the overall user...

Compatibility update is available for Windows 8 and Windows Server 2012

Compatibility update is available for Windows 8 and Windows Server 2012 Summary A compatibility update is a software update that improves the compatibility experience in Windows 8 and in Windows Server 2012. Microsoft regularly releases Windows compatibility updates to improve the overall user...

WHO COVID-19 Mobile App: Probably unexploitable XSS via Header Injection

Summary: The Who-Platform header is reflected in the output of the page if it's not one of the recognized Who-Platform values IOS, ANDROID, WEB. While this is probably no longer exploitable as of 2015, it may be exploitable on less well implemented browsers not Chrome/Firefox/Edge. In general,...

openSUSE Security Update : python-nltk (openSUSE-2020-436)

This update for python-nltk fixes the following issues : Update to 3.4.5 boo1146427, CVE-2019-14751 : - CVE-2019-14751: Fixed Zip slip vulnerability in downloader for the unlikely situation where a user configures their downloader to use a compromised server boo1146427 Update to 3.4.4 : - fix bug...

openSUSE Security Update : python-mysql-connector-python (openSUSE-2020-409)

This update for python-mysql-connector-python fixes the following issues : python-mysql-connector-python was updated to 8.0.19 boo1122204 - CVE-2019-2435 : - WL13531: Remove xplugin namespace - WL13372: DNS SRV support - WL12738: Specify TLS ciphers to be used by a client or session - BUG30270760...

CVE-2017-18342

In PyYAML before 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function...

Exploit for CVE-2020-1938

Description This tool is intended only for security research...

[SECURITY] [DSA 4647-1] bluez security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4647-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 26, 2020 https://www.debian.org/security/faq -...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects WebSphere Message Broker and IBM Integration Bus (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects WebSphere Message Broker and IBM Integration Bus Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a...

Ubuntu: Security Advisory (USN-4307-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4171-5 apport regression

USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root...

Linux: Read /etc/ntp.conf (KB)

The ntpd program is an operating system daemon which sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol NTP version 4, but also retains compatibility with version 3, as defined by RFC-1305, and...

Cumulative Update 27 for Microsoft Dynamics NAV 2018 (Build 41203)

Cumulative Update 27 for Microsoft Dynamics NAV 2018 Build 41203 This article applies to Microsoft Dynamics NAV 2018 for all countries and all language locales.A remote code execution vulnerability exists in Microsoft Dynamics NAV. A user who has the permission to access certain features that...

Cumulative Update 10 for Microsoft Dynamics 365 Business Central April'19 on-premises (Application Build 14.11.41204, Platform Build 14.0.41143)

None None...

Cumulative Update 40 for Microsoft Dynamics NAV 2017 (Build 30192)

Cumulative Update 40 for Microsoft Dynamics NAV 2017 Build 30192 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales.A remote code execution vulnerability exists in Microsoft Dynamics NAV. A user who has the permission to access certain features that...

openSUSE Security Update : enigmail (openSUSE-2020-250)

This update for enigmail fixes the following issues : enigmail was updated to 2.1.5 : - Security issue: unsigned MIME parts displayed as signed bsc1159973 - Ensure that upgrading GnuPG 2.0.x to 2.2.x upgrade converts keyring format - Make Enigmail Compatible with Protected-Headers spec, draft 2...