992 matches found
GHSA-HPH9-9VCQ-F7GP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace...
Low: grub2 security, bug fix, and enhancement update
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: Incorrect...
Vulnerabilities fixed in IBM Spectrum Protect
IBM has fixed vulnerabilities in IBM Spectrum Protect and IBM Spectrum Protect Plus. The vulnerabilities allow a malicious actor to launch attacks that result in the following categories of damage: Cross-Site Request Forgery (XSRF), Denial-of-Service (DoS), manipulation of data, bypassing authenticatio...
Security Bulletin: Vulnerability in Flask and Python affects IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2021-33026, CVE-2022-0391)
Summary Elevation of privileges vulnerability in Flask and weaker than expected security in Python can affect IBM Spectrum Protect Plus Microsoft® File Systems backup and restore. Vulnerability Details CVEID: CVE-2021-33026 DESCRIPTION: Flask-Caching extension for Flask could allow a local...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections. Vulnerability Details CVEID: CVE-2021-35560...
vulhub
This repository is an open-source project for vulnerability research and training, maintained by phith0n. It contains a collection of vulnerable environments and tools for testing and learning about various security vulnerabilities. The repository is hosted on GitHub and has a community-driven...
ROS-20220128-03
A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to unmount other users' filesystem...
Security Bulletin: Vulnerability in Apache Log4j affects Content Collector for File Systems (CVE-2021-45105)
Summary Apache Log4j open source library is used by Content Collector for File Systems. This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to...
Linux kernel information disclosure vulnerability (CNVD-2021-102393)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the U.S. KVM is one of the kernel-based virtual machines. overlayfs is one of the file systems. A security vulnerability exists in the Linux kernel that stems from a reference count leak in...
grub2 bug fix and enhancement update
An update for grub2 is now available for Rocky Linux 8. The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures,...
[SECURITY] Fedora 35 Update: ntfs-3g-2021.8.22-2.fc35
NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove,...
Adobe Creative Cloud Desktop Application Access Control Error Vulnerability
Adobe Creative Cloud Desktop Application, the management software for various Creative Cloud applications and services, is vulnerable to an access control error in Adobe Creative Cloud Desktop Application 5.4 and earlier, which could be exploited to write to arbitrary file systems...
Adobe Framemaker out-of-bounds read vulnerability
Adobe FrameMaker is a document processing program used to write and edit large or complex documents, including structured documents. An out-of-bounds read vulnerability exists in Adobe Framemaker 2019 Update 8, 2020 Release Update 2 and earlier versions. An attacker could exploit this vulnerabilit...
Adobe Framemaker out-of-bounds read vulnerability (CNVD-2021-73439)
Adobe FrameMaker is a document processing program used to write and edit large or complex documents, including structured documents. An out-of-bounds read vulnerability exists in Adobe Framemaker 2019 Update 8, 2020 Release Update 2 and earlier versions. An attacker could exploit this vulnerabilit...
Adobe XMP Toolkit SDK Out-of-Bounds Read Vulnerability (CNVD-2021-79742)
The Adobe XMP Toolkit SDK allows you to integrate XMP functionality into your product or solution. An out-of-bounds read vulnerability exists in Adobe XMP Toolkit SDK 2021.07 and earlier. An attacker could exploit this vulnerability to read arbitrary file systems...
Adobe Acrobat/Reader Information Disclosure Vulnerability (CNVD-2021-85261)
Adobe Reader also known as Acrobat Reader is a PDF document reader developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader suffers from an information disclosure vulnerability. An attacker could exploit the vulnerability to read arbitrary file systems...
Adobe Acrobat/Reader Information Disclosure Vulnerability (CNVD-2021-85262)
Adobe Reader also known as Acrobat Reader is a PDF document reader developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader suffers from an information disclosure vulnerability. An attacker could exploit the vulnerability to read arbitrary file systems...