CVE-2021-23998

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Mozilla Firefox < 88.0

The version of Firefox installed on the remote Windows host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory. - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler...

Security Vulnerabilities fixed in Firefox ESR 78.10 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

kernel: Use after free via PI futex state

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

USN-4884-1: Linux kernel (OEM) vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

Ubuntu: Security Advisory (USN-4878-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4878-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Ryota Shiga discovered that the sockopt BPF hooks in th...

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling allowing local users to execute code in the kernel aka CID-34b1a1ce1458.

...

ALPINE-CVE-2019-25016

In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this issue...

DRUPAL-CONTRIB-2021-003

This module enables you to add groups to other groups in a tree structure where access can be inherited up or down the tree. When you configure Subgroup to have a tree with at least three levels, users may inadvertently get permissions in a group that is an uncle or cousin of the source group,...

Subgroup - Less critical - Access bypass - SA-CONTRIB-2021-003

This module enables you to add groups to other groups in a tree structure where access can be inherited up or down the tree. When you configure Subgroup to have a tree with at least three levels, users may inadvertently get permissions in a group that is an uncle or cousin of the source group,...

X (Formerly Twitter): Open Redirect on https://www.twitterflightschool.com/widgets/experience?destination_url=https://evil.com

This report details an open redirect issue that enabled crafting potentially malicious URLs which could be used to redirect users to a site specified in a URL parameter of the URL creator's choosing. This may allow an attacker to exploit a user's trust by leveraging open redirect on the affected...

Fedora 32 : xen (2020-df772b417b)

xenstore watch notifications lacking permission checks XSA-115, CVE-2020-29480 1908091 Xenstore: new domains inheriting existing node permissions XSA-322, CVE-2020-29481 1908095 Xenstore: wrong path length check XSA-323, CVE-2020-29482 1908096 Xenstore: guests can crash xenstored via watchs...

SUSE-SU-2020:3916-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:3880-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

Design/Logic Flaw

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. Xen through version 4.14.x has a security...

HackerOne: Open Redirect on http://events.hackerone.com/redirect?url=https://naglinagli.github.io

@nagli found an open redirect vulnerability in a 3rd party vendor that was used by HackerOne. This system did not contain any data related to reports submitted and stored on hackerone.com. HackerOne worked with the vendor to remediate the vulnerability. The report is partially disclosed to...

CVE-2020-13308

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from accessing GitLab by being invited into a project that had 2 factor authentication inheritance...