gcc-toolset-9-make bug fix and enhancement update

An update is available for gcc-toolset-9-make. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions of...

ALBA-2020:1742 gcc-toolset-9-make bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9-strace bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

ALBA-2020:1737 gcc-toolset-9-strace bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9-binutils bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9-binutils bug fix and enhancement update

An update is available for gcc-toolset-9-binutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent version...

gcc-toolset-9 bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

gcc-toolset-9 bug fix and enhancement update

An update is available for gcc-toolset-9. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions of...

ALBA-2020:1666 gcc-toolset-9 bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...

Oracle GraalVM Enterprise Edition Unauthorized Access Vulnerability

Oracle GraalVM Enterprise Edition is a multilingual virtual machine based on Oracle's Enterprise Java SE. A security vulnerability exists in the GraalVM Compiler component in Oracle GraalVM Enterprise Edition 19.3.1, 20.0.0. An attacker could exploit this vulnerability to affect the integrity...

EulerOS 2.0 SP3 : gcc (EulerOS-SA-2020-1383)

According to the version of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking source...

SUSE-SU-2020:0394-1 Security update for gcc9

This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these...

CVE-2019-1003005

A flaw was found in the Jenkins Script Security plugin through version 1.50. The fix for CVE-2019-1003000 was found to be incomplete. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code...

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

CVE-2018-12886

stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

Exploit for Path Traversal in Nazgul Nostromo_Nhttpd

CVE-2019-16278 !Rusthttps://github.com/keshiba/cve-2019-16...

SharePoint Workflows XOML Injection

This module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...

OS Command Injection

closure-compiler-stream is vulnerable to OS command injection. The args options are passed to the exec function without any validation and sanitization, allowing an attacker to inject and execute arbitrary OS commands...

closure-compiler-stream injection vulnerability

closure-compiler-stream is a stream interface to a closure compiler. A security vulnerability exists in closure-compiler-stream version 0.1.15 and earlier, which stems from the program failing to perform any cleanup operations on the user-controllable 'options' parameter. An attacker could use th...