Security update for gcc10, nvptx-tools (moderate)

openSUSE Security Update: Security update for gcc10, nvptx-tools Announcement ID: openSUSE-SU-2020:1692-1 Rating: moderate References: 1172798 1172846 1173972 1174753 1174817 1175168 Cross-References: CVE-2020-13844 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and...

Security update for gcc10, nvptx-tools (moderate)

openSUSE Security Update: Security update for gcc10, nvptx-tools Announcement ID: openSUSE-SU-2020:1693-1 Rating: moderate References: 1172798 1172846 1173972 1174753 1174817 1175168 Cross-References: CVE-2020-13844 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and...

Exploit for Absolute Path Traversal in Rarlab Winrar

This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...

[SECURITY] Fedora 32 Update: ghc-hakyll-4.13.4.0-1.fc32

Hakyll is a static website compiler library. It provides you with the tools to create a simple or advanced static website using a Haskell DSL and formats such as markdown or RST. You can find more information, including a tutorial, on the website:...

openSUSE Security Update : go1.14 (openSUSE-2020-1584)

This update for go1.14 fixes the following issues : - go1.14.9 released 2020-09-09 includes fixes to the compiler, linker, runtime, documentation, and the net/http and testing packages. Refs bsc1164903 go1.14 release tracking - go41192 net/http/fcgi: race detected during execution of...

openSUSE Security Update : go1.14 (openSUSE-2020-1587)

This update for go1.14 fixes the following issues : - go1.14.9 released 2020-09-09 includes fixes to the compiler, linker, runtime, documentation, and the net/http and testing packages. Refs bsc1164903 go1.14 release tracking - go41192 net/http/fcgi: race detected during execution of...

openSUSE: Security Advisory for go1.14 (openSUSE-SU-2020:1584-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for go1.14 (openSUSE-SU-2020:1587-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for go1.14 (moderate)

openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2020:1587-1 Rating: moderate References: 1164903 1176031 Cross-References: CVE-2020-24553 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available.Description...

OPENSUSE-SU-2020:1587-1 Security update for go1.14

This update for go1.14 fixes the following issues: - go1.14.9 released 2020-09-09 includes fixes to the compiler, linker, runtime, documentation, and the net/http and testing packages. Refs bsc1164903 go1.14 release tracking go41192 net/http/fcgi: race detected during execution of...

Safari in Operator Side Effect Exploit

This module exploits an incorrect side-effect modeling of the 'in' operator. The DFG compiler assumes that the 'in' operator is side-effect free, however the element with the PDF plugin provides a callback that can trigger side-effects leading to type confusion CVE-2020-9850. The type confusion c...

SUSE-SU-2020:2776-1 Security update for go1.15

go1.15 released 2020-08-11 Go 1.15 is a major release of Go. go1.15.x minor releases will be provided through August 2021. https://github.com/golang/go/wiki/Go-Release-Cycle Most changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1...

SUSE-SU-2020:14502-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.3.0 ESR bsc1176756, MFSA 2020-43 - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: Whe...

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1529-1 Rating: moderate References: 1176705 1176707 Cross-References: CVE-2020-25039 CVE-2020-25040 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now availabl...

Denial Of Service (DoS)

xen is vulnerable to denial of service DoS. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smpmb ...

CVE-2020-25603

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...

DEBIAN-CVE-2020-25603

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...

CVE-2020-25603

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...

CVE-2020-25603

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...

Privilege escalation

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...