530 matches found
CVE-2021-43055
The CVE-2021-43055 issue affects TIBCO eFTL Server within TIBCO eFTL products (Community, Developer, and Enterprise Editions). The vulnerability stems from an information/privileges inheritance flaw that lets a connected client inherit permissions from the initial client on the affected system, e...
Tibco Eftl Information Disclosure Vulnerability
Tibco Eftl is an add-on to Tibco Ftl and Tibco Enterprise Message Service™ from Tibco USA, Inc. that extends Tibco Ftl® messaging to platforms such as Web browsers and mobile devices. An information disclosure vulnerability exists in TIBCO eFTL, which stems from a client inheriting privileges from a...
CVE-2021-43201
CVE-2021-43201 affects JetBrains TeamCity prior to 2021.1.3. The issue allows a newly created project to inherit settings from a deleted project, as documented by the CVE description and JetBrains’ Q3-2021 security bulletin (resolved in 2021.1.3). Affected software: JetBrains TeamCity (pre-2021.1...
GHSA-R7RH-G777-G5GX SilverStripe GraphQL Server permission checker not inherited by query subclass.
Default SilverStripe GraphQL Server aka silverstripe/graphql 3.x through 3.4.1 permission checker not inherited by query subclass...
CVE-2021-28661
Default SilverStripe GraphQL Server aka silverstripe/graphql 3.x through 3.4.1 permission checker not inherited by query subclass...
CVE-2021-23998
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88...
Intel NUC Security Vulnerability
The Intel NUC is a small-form-factor computer from Intel USA. A security vulnerability exists in Intel NUC versions prior to 1.1, which stems from an insecure inheritance of privileges in the software that could allow authenticated users to enable privilege escalation via local access...
Intel NUC Kit Permissions, Privileges and Access Control Vulnerability
The Intel NUC Kit is a small desktop computer from Intel Corporation USA. The Intel NUC Kit is vulnerable to a privilege-granting and access-control issue, which arises from an insecure inheritance of privileges that could allow an authenticated user to potentially enable privilege escalation via...
Prototype Pollution
Overview: merge-deep before 3.0.3 can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library. Recommendation...
kernel: Use after free via PI futex state
A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allows a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...
A vulnerability in the Linux kernel's PI futex components that allows an attacker to execute arbitrary code at the kernel level
The vulnerability in the Linux kernel's PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...
PT-2024-11102 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc8+. Description: The issue arises when booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line, causing a warning during kernel entry due to the manipulation of the PMR. The lockdep hardir...
SUSE-SU-2021:1498-1 Security update for samba
This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574). - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572). - Avoid...
SUSE-SU-2021:1492-1 Security update for samba
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size (bsc#1179156). - Adjust smbcacls '--propagate-inheritance' feature to align with upstre...
OPENSUSE-SU-2021:0636-1 Security update for samba
This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574). - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572). - Avoid...
SUSE SLES12 Security Update : samba (SUSE-SU-2021:1439-1)
This update for samba fixes the following issues: CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). Adjust smbcacls '--propagate-inheritance' feature to align with upstream (bsc#1178469). Note that Tenable Network Security has extracted the preceding description block directly fro...
Oracle Linux 7 : firefox (ELSA-2021-1363)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1363 advisory. 78.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
Mozilla: Secure Lock icon could have been spoofed
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88...