SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2019:2018-1)

This update for polkit fixes the following issues : Security issue fixed : CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826. Note that Tenable Network Security has extracted the preceding description block directly from...

The vulnerability of the installation mechanism for the software development tools for Intel Data Center Manager SDK allows a perpetrator to disclose protected information due to security flaws in the mechanism.

The vulnerability of the mechanism for installing the software set for developing Intel Data Center Manager SDK is related to security flaws in this mechanism. Exploiting this vulnerability could allow attackers to disclose sensitive information that is protected by this system...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 72 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 72.0.3626.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

KLA11404 Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attacks. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability in Team Foundation...

SUSE SLED15 / SLES15 Security Update : pam (SUSE-SU-2018:3965-1)

This update for pam fixes the following issue : Security issue fixed : CVE-2018-17953: Fixed IP address and subnet handling of pamaccess.so that was not honoured correctly when a single host was specified bsc1115640. Note that Tenable Network Security has extracted the preceding description block...

SUSE SLED15 / SLES15 Security Update : Initial update for kernel-azure (SUSE-SU-2018:1952-1)

This update is the initial delivery of the Azure flavor of the Linux Kernel, which contains enhancements and optimizations for running the SUSE Linux Enterprise kernel in the Azure cloud. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

KLA11358 Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft PowerShell can be exploited...

KLA11288 Multiple vulnerabilities in Microsoft Development Tools

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering...

CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

Design/Logic Flaw

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

FreeBSD : mozilla -- multiple vulnerabilities (a891c5b4-3d7a-4de9-9c71-eef3fd698c77)

Mozilla Foundation reports : CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...

Mozilla Firefox Security Advisories (MFSA2018-02, MFSA2018-03) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

UBUNTU-CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

KLA11182 Multiple vulnerabilities in Micrsoft Development Tools

Microsoft released update to address vulnerabilities in Microsoft Update KB4055002. For details look at KLA11172 Original advisories - Related products Microsoft-.NET-Framework Microsoft-Windows-7 Microsoft-Windows-Server-2008 CVE list KB list 4074880 Solution Install necessary updates from the K...

KLA11133 Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in ASP.NET Core can be...

KLA11047 Multiple vulnerabilities in Microsoft Development Tools

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability in the development tools of the Primetime software platform, Flash Player, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption remotely...