99 matches found
ROS-2-2160
2.2160 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
KLA12392 RCE vulnerability in Microsoft Azure
Remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
ROS-2-1249
2.1249 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-2150
2.2150 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1720
2.1720 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threat Data Bank of the...
ROS-2-2130
2.2130 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
Vulnerability fixed in Microsoft Power BI
A vulnerability has been fixed in the Microsoft Power BI application. A malicious party could potentially abuse it to execute arbitrary code with elevated privileges. Microsoft has made updates available that fix the described vulnerability described. We recommend that you install these updates...
Vulnerabilities fixed in Microsoft Browsers
There are several vulnerabilities in Microsoft Edge. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code with user privileges. Also, the malicious impersonate another user. Microsoft Edge: |----------------|------|-------------------------------------| | CVE I...
Vulnerabilities fixed in Microsoft Azure
Vulnerabilities have been fixed in Azure. The vulnerabilities allow a malicious person to bypass security measures. Azure Sphere: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |. |----------------|------|-------------------------------------| |...
Vulnerability fixed in Red Hat JBoss Enterprise Application Platform
A vulnerability has been fixed in JBoss Enterprise Application Platform. The vulnerability allows a malicious party to launch a Denial-of-Service DoS attack. -= Red Hat =- Red Hat has made updates available. You can install these updates install using the command 'yum'. More information about the...
August 17, 2019—KB4512514 (Preview of Monthly Rollup)
August 17, 2019—KB4512514 Preview of Monthly Rollup IMPORTANT Verify that you have installed the updates listed in the How to get this update section before installing this update. For all updates starting with August 13, 2019, we strongly recommend that you install these updates to prevent any...
KLA11287 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in Microsoft Office...
Microsoft Windows: Automatic Download and Install of updates (Store)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winstoreautoupdatedownload.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Turn off Automatic Download and Install of updates Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
Overview Wi-Fi Protected Access WPA, more commonly WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point AP or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...
KLA10894 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10892. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
CVE-2013-1764
The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...
CVE-2013-1764
The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...
Design/Logic Flaw
The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...
CVE-2013-1764
The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...
PT-2014-1871 · Red Hat · Yum +1
Name of the Vulnerable Software and Affected Versions: yum versions 3.4.3 and earlier Description: The issue allows remote attackers to bypass the RMP package signing restriction, potentially leading to a violation of protected information integrity. This can be exploited remotely. The...