617 matches found
CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...
CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...
EulerOS 2.0 SP2 : policycoreutils (EulerOS-SA-2019-2400)
According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...
October 8, 2019—KB4519990 (Security-only update)
October 8, 2019—KB4519990 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Security updates to Windows Cryptography, Windows Authentication, Windows Kernel, Windows Storage and Filesystems, Microsoft JET Database Engine, Internet...
October 8, 2019—KB4520005 (Monthly Rollup)
October 8, 2019—KB4520005 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4516041released September 24, 2019 and addresses the following issues: Addresses an issue with applications and printer drivers that utilize the Window...
September 10, 2019—KB4516033 (Security-only update)
September 10, 2019—KB4516033 Security-only update IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. Improvements and fixes This security update includes quality improvements. Key changes include: Provides...
php: File rename across filesystems may allow unwanted access during processing
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to...
E2fsprogs quotaio_tree.c report_tree() code execution vulnerability
Summary An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Tested...
September 10, 2019—KB4516051 (Security-only update)
September 10, 2019—KB4516051 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling , for 32-B...
September 10, 2019—KB4516070 (OS Build 10240.18333)
September 10, 2019—KB4516070 OS Build 10240.18333 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates to improve security when using Internet Explorer, Microsoft Office,...
NewStart CGSL CORE 5.04 / MAIN 5.04 : policycoreutils Vulnerability (NS-SA-2019-0030)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has policycoreutils packages installed that are affected by a vulnerability: - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux conte...
July 9, 2019—KB4507462 (Monthly Rollup)
July 9, 2019—KB4507462 Monthly Rollup July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use unconstrained...
July 9, 2019—KB4507458 (OS Build 10240.18275)
July 9, 2019—KB4507458 OS Build 10240.18275 For more information about the various types of Windows updates, such as critical, security, driver, service packs, etc., please see the following article. July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain...
July 9, 2019—KB4507456 (Security-only update)
July 9, 2019—KB4507456 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...
CVE-2018-20073
Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem...
June 11, 2019—KB4503293 (OS Build 18362.175)
June 11, 2019—KB4503293 OS Build 18362.175 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Notes: This release also contains updates for Microsoft HoloLens OS Build 18362.1020 released June 11, 2019. Microsoft will release an update...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service DoS attacks. The vulnerability exists in the function procpidstack of the file fs/proc/base.c when a user able to mount FUSE filesystems creating a process such that when another process attempting to read its command line will be blocked for a long...
EulerOS 2.0 SP2 : php (EulerOS-SA-2019-1332)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented,...
Information Disclosure
Linux kernel is vulnerable to information disclosure. This vulnerability exists in the Linux kernel where filesystems mounted with data=ordered mode. An attacker to read stale data from recently allocated blocks in new files after a system 'reset' by abusing ext4 mechanics of delayed allocation...
April 9, 2019—KB4493450 (Security-only update)
April 9, 2019—KB4493450 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations. Addresses an issue that...