6680 matches found
[SECURITY] Fedora 32 Update: mingw-wavpack-5.4.0-1.fc32
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
[SECURITY] Fedora 33 Update: mingw-wavpack-5.4.0-1.fc33
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
CVE-2020-28599
A stack-based buffer overflow vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Code injection
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...
CVE-2021-20443
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...
Advantech WebAccess/SCADA Path Traversal Vulnerability
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local file inclusion vulnerability...
OPENSUSE-SU-2021:0277-1 Security update for librepo
This update for librepo fixes the following issues: - Upgrade to 1.12.1 + Validate path read from repomd.xml bsc1175475, CVE-2020-14352 - Changes from 1.12.0 + Prefer mirrorlist/metalink over baseurl rh1775184 + Decode package URL when using for local filename rh1817130 + Fix memory leak in...
Cross site scripting
An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Microsoft Dynamics 365 (on-premises) Update 2.26
Microsoft Dynamics 365 on-premises Update 2.26 Introduction Service Update 2.26 for Microsoft Dynamics CRM on-premises 8.2 is now available. This article describes the hotfixes and updates that are included in Service Update 2.26. More information Update package| Version number ---|--- Microsoft...
Service Update 0.24 for Microsoft Dynamics 365 9.0
Service Update 0.24 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.24 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.24. MORE INFORMATION Update package| Version number ---|---...
SmartFoxServer 2X 2.17.0 Remote Code Execution
SmartFoxServer 2X 2.17.0 God Mode Console Remote Code Execution Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6 SmartFoxServer 2X, Pro, Basic Summary: SmartFoxServer SFS is a comprehensive SDK for rapidly developing...
CVE-2021-25227
Trend Micro Antivirus for Mac 2021 Consumer is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...
Code injection
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionality was implemented in a way that would enable a malicious user to guess valid usernames due to a different response time from invalid usernames...
Rocket.Chat Cross-Site Scripting Vulnerability (CNVD-2021-09040)
Rocket.Chat is an open source team chat software. A cross-site scripting vulnerability exists in Rocket.Chat server versions prior to 3.9.0, which stems from the drag-and-drop functionality being susceptible to XSS attacks. No details of the vulnerability are available at this time...
Oracle Linux 7 : kernel (ELSA-2021-0336)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0336 advisory. - fs block: Fix use-after-free in blkdevget Ming Lei 1902414 CVE-2020-15436 Tenable has extracted the preceding description block directly from the...
[SECURITY] Fedora 32 Update: wavpack-5.4.0-1.fc32
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
CVE-2020-13564
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template aclid parameter...