USN-5292-4: snapd regression

USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for...

USN-5292-4 snapd regression

USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for...

Mageia: Security Advisory (MGASA-2014-0404)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

shells/fish -- arbitrary code execution via git

Peter Ammon reports: fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default...

Exploit for Expression Language Injection in Apache Log4J

tejas-nagchandi/CVE-2021-45046 Attack !imagehttps://use...

CVE-2021-33982

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

Session fixation

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

CVE-2021-33982

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

CVE-2021-33982

The vulnerability CVE-2021-33982 affects the Fish | Hunt FL iOS app (version 3.8.0 and earlier). It is described as an insufficient session expiration flaw that enables a remote attacker to reuse, spoof, or steal other users’ and admins’ sessions. Connected sources confirm the issue but do not pr...

CVE-2021-33981

CVE-2021-33981 affects the Fish | Hunt FL iOS app (versions 3.8.0 and earlier). The issue is an insecure direct object vulnerability in the hunting/fishing license retrieval function, allowing a remote authenticated attacker to access other users’ personal information and license images. Root cau...

Fish Hunt FL 信息泄露漏洞

Fish Hunt FL is used to manage Florida hunting and fishing licenses. An information disclosure vulnerability exists in Fish Hunt FL that stems from an insecure direct object vulnerability in the hunting/fishing license retrieval functionality of the Fish | Hunt FL iOS app version 3.8.0 release an...

File upload vulnerability exists in the Fish Leap CMS (CNVD-2021-41974)

FishLeap CMS is a content management system specifically geared towards enterprise applications. A file upload vulnerability exists in the backend of Fishy CMS, which can be exploited by attackers to gain server control privileges...

Flying FishStar Enterprise Intelligent Internet Behavior Management System suffers from information leakage vulnerability (CNVD-2021-41503)

Chengdu Flying Fish Star Technology Co., Ltd. is a company dedicated to providing intelligent and easy-to-use network communication products and services, continuously improving the quality of network usage through innovative technologies, and cooperating with users to create an intelligent and...

Fish Leap CMS has information leakage vulnerability

FishLeap CMS is a content management system specifically geared towards enterprise applications. An information disclosure vulnerability exists in Fish Leap CMS, which can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in Fish Leap CMS

FishLeap CMS is a content management system specifically geared towards enterprise applications. A SQL injection vulnerability exists in Fishy CMS, which can be exploited by attackers to obtain sensitive information from the database...

Flying FishStar Home Smart Route suffers from a logic flaw vulnerability (CNVD-2021-34435)

Founded in 2002, Chengdu Flying Fish Star Technology Co., Ltd. is a high-tech enterprise focusing on product innovation and R&D in digital communication industry and Internet of Things industry. Flying Fish Star Home Intelligent Routing has a logic flaw vulnerability that can be exploited by...

Flying FishStar Enterprise Intelligent Internet Behavior Management System Has Logic Flaw Vulnerability

Chengdu Flying Fish Star Technology Co., Ltd. is a company dedicated to providing intelligent and easy-to-use network communication products and services, continuously improving the quality of network usage through innovative technologies, and cooperating with users to create an intelligent and...

Privilege Bypass Vulnerability in Flying Fish Star Enterprise Intelligent Internet Behavior Management System

Chengdu Flying Fish Star Technology Co., Ltd. is a company dedicated to providing intelligent and easy-to-use network communication products and services, continuously improving the quality of network usage through innovative technologies, and cooperating with users to create an intelligent and...

Flying Fishstar Home Smart Route has a Logic Flaw Vulnerability

Founded in 2002, Chengdu Flying Fish Star Technology Co., Ltd. is a high-tech enterprise focusing on product innovation and R&D in digital communication industry and Internet of Things industry. A logic flaw vulnerability exists in Flying Fish Star Home Smart Route. An attacker can use the...

File Upload Vulnerability in Fish Leap CMS Backend

FishLeap CMS is made up of a content management system that is specifically geared towards enterprise applications. A file upload vulnerability exists in the backend of Fishy CMS. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...