Microsoft Outlook Users Targeted By Gamaredon's New VBA Macro

The Gamaredon threat group has given its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications VBA macro. The VBA macro leverages compromised victims’ Microsoft Outlook email accounts to send spear-phishing emails to their contacts – rapidly widening the...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Mitigation To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler...

CVE-2020-10878

Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. Mitigation To mitigate this flaw, developers should not allow untrusted regular...

Mozilla Firefox JIT Compiler Memory Leak (CVE-2018-12387)

A memory leak vulnerability exists in Mozilla Firefox JIT Compiler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

The vulnerability of the GraalVM Compiler component of the Oracle GraalVM Enterprise Edition allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the GraalVM Compiler component in the Oracle GraalVM Enterprise Edition is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data through various network protocols...

The vulnerability of the GraalVM Compiler component of the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to trigger a service failure.

The vulnerability of the GraalVM Compiler component in Oracle GraalVM Enterprise Edition is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to trigger service failures through various network protocols...

[SECURITY] Fedora 31 Update: marked-1.1.0-3.fc31

Install this for command line tool and man page. marked is a full-featured markdown compiler that can parse huge chunks of markdown without having to worry about caching the compiled output or blocking for an unnecessarily long time. marked is extremely fast and frequently outperforms similar...

[SECURITY] Fedora 32 Update: marked-1.1.0-3.fc32

Install this for command line tool and man page. marked is a full-featured markdown compiler that can parse huge chunks of markdown without having to worry about caching the compiled output or blocking for an unnecessarily long time. marked is extremely fast and frequently outperforms similar...

openSUSE Security Update : gcc9 (openSUSE-2020-716)

This update includes the GNU Compiler Collection 9. This update ships the GCC 9.3 release. A full changelog is provided by the GCC team on : https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgccs1, libstdc++6 and others are now built by the gcc 9 packages. ...

openSUSE: Security Advisory for gcc9 (openSUSE-SU-2020:0716-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Moderate: Red Hat Security Advisory: devtoolset-9-gcc security and bug fix update

An update for devtoolset-9-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security update for gcc9 (moderate)

openSUSE Security Update: Security update for gcc9 Announcement ID: openSUSE-SU-2020:0716-1 Rating: moderate References: 1114592 1135254 1141897 1142649 1142654 1148517 1149145 1149995 1152590 1167898 Cross-References: CVE-2019-14250 CVE-2019-15847 Affected Products: openSUSE Leap 15.1 An update...

CVE-2020-12647

Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability...

Code injection

Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability...

CVE-2020-12647

The CVE-2020-12647 entry affects Unisys ALGOL Compiler versions 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5. The issue is that the compiler can emit invalid code sequences under rare syntax-related conditions, potentially leading to a system fault and impacts to confidentia...

CVE-2020-12647

Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability...

gcc-toolset-9-annobin bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9-annobin bug fix and enhancement update

An update is available for gcc-toolset-9-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions...

ALBA-2020:1754 gcc-toolset-9-annobin bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9-make bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...