File Upload Vulnerability in Gas Call Distribution System of Shenzhen Puyan Computer Software Technology Co.
Shenzhen Puyan Computer Software Technology Co., Ltd. is a service provider specializing in providing information technology and intelligent products for gas enterprises. A file upload vulnerability exists in the gas call distribution system of Shenzhen Puyan Computer Software Technology Co. An...
python3 security update
3.6.8-18.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-18 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for IPv4Interface and IPv6Interface CVE-2020-14422 Resolves: rhbz1854926...
CVE-2020-17049
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...
Security feature bypass
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...
Kerberos KDC Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...
PT-2020-4776 · Microsoft +7 · Kerberos +9
Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version. Description: A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). ...
Debian DSA-4787-1 : moin - security update
Two vulnerabilities were discovered in moin, a Python clone of WikiWiki. - CVE-2020-15275 Catarina Leite discovered that moin is prone to a stored XSS vulnerability via SVG attachments. - CVE-2020-25074 Michael Chapman discovered that moin is prone to a remote code execution vulnerability via the...
Debian: Security Advisory (DSA-4785-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4785-1] raptor2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4785-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4784-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4784-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 06, 2020 https://www.debian.org/security/faq -...
tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c
An out-of-bounds read vulnerability was discovered in tcpdump while printing LDP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...
Directory Traversal Vulnerability in Gas Call Distribution System of Shenzhen Puyan Computer Software Technology Co.
Shenzhen Puyan Computer Software Technology Co., Ltd. is a service provider specializing in providing information technology and intelligent products for gas enterprises. There is a directory traversal vulnerability in the gas call distribution system of Shenzhen Puyan Computer Software Technolog...
[SECURITY] [DSA 4781-1] blueman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2020 https://www.debian.org/security/faq -...
Google Removes 21 Malicious Android Apps from Play Store
Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps list here we...
A vulnerability in the libbfd library of GNU Binutils allows an attacker to cause a denial of service.
A vulnerability in the elfreadnotes function (elf.c) of the libbfd library in GNU Binutils is related to the allocation of resources without limits. Exploiting this vulnerability could allow an attacker to cause a denial of service...
Nessus Essentials with offline registration and plugin updates
In this episode, I would like to talk about Nessus Essentials and, in particular, how to register and update it without direct internet access. Nothing complicated, but there are a couple of pitfalls that I would like to share. Let's say you need to scan a host in a critical autonomous segment whe...
LokiBot Malware
Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions...
Debian DSA-4777-1 : freetype - security update
Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...