
446 matches found

OSV
added 2020/09/01 1:15 p.m. | 1 view

DEBIAN-CVE-2020-24584

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077...

CVSS 7.5 | AI score 7.6 | EPSS 0.0327
Exploits: 0 | References: 1

OSV
added 2020/09/01 1:15 p.m. | 2 views

ALPINE-CVE-2020-24584

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077...

CVSS 7.5 | AI score 6.9 | EPSS 0.0327
Exploits: 0 | References: 1

PyPA
added 2020/09/01 1:15 p.m. | 4 views

PYSEC-2020-33

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

CVSS 7.5 | AI score 6.9 | EPSS 0.03969
Exploits: 0 | References: 12 | Affected Software: 1

UbuntuCve
added 2020/09/01 10:0 a.m. | 34 views

CVE-2020-24583

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

CVSS 7.5 | AI score 7.1 | EPSS 0.03969
Exploits: 0 | References: 2

OSV
added 2020/09/01 10:0 a.m. | 0 views

UBUNTU-CVE-2020-24583

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

CVSS 7.5 | AI score 7.1 | EPSS 0.03969
Exploits: 0 | References: 3

Tenable Nessus
added 2020/07/20 12:0 a.m. | 45 views

openSUSE Security Update : perl (openSUSE-2020-850)

This update for perl fixes the following issues : - CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. - CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

CVSS 8.6 | AI score 7.3 | EPSS 0.11334
Exploits: 0 | References: 7

OSV
added 2020/06/22 2:20 p.m. | 2 views

USN-4401-1 mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14093) It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceed with a connection even if the...

CVSS 5.9 | AI score 6.5 | EPSS 0.0214
Exploits: 0 | References: 3

RedhatCVE
added 2020/06/18 8:19 a.m. | 24 views

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVSS 5.8 | AI score 2.2 | EPSS 0.01061
Exploits: 0 | References: 4

Tenable Nessus
added 2020/06/18 12:0 a.m. | 29 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2020:1584-1)

This update for gnutls fixes the following issues : CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker to...

CVSS 7.4 | AI score 7.5 | EPSS 0.17507
Exploits: 3 | References: 5

OSV
added 2020/06/15 5:15 p.m. | 18 views

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVSS 4.8 | AI score 6.5
Exploits: 0 | References: 7

OSV
added 2020/06/15 5:15 p.m. | 1 view

DEBIAN-CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVSS 4.8 | AI score 6.2 | EPSS 0.01061
Exploits: 0 | References: 1

OSV
added 2020/06/15 5:15 p.m. | 0 views

UBUNTU-CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVSS 4.8 | AI score 6.5 | EPSS 0.01061
Exploits: 0 | References: 5

CVE
added 2020/06/15 4:51 p.m. | 279 views

CVE-2020-14154

CVE-2020-14154 affects mutt prior to 1.14.3. In this version, the client proceeds with a connection after a GnuTLS certificate prompt where the user refuses an expired intermediate certificate, enabling potential trust bypass in TLS handshakes. The issue has been observed in multiple advisories (...

CVSS 5.8 | AI score 5.2 | EPSS 0.01061
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2020/06/15 4:51 p.m. | 26 views

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVSS 5.8 | AI score 5.6 | EPSS 0.01061
Exploits: 0

Tenable Nessus
added 2020/06/11 12:0 a.m. | 27 views

openSUSE Security Update : gnutls (openSUSE-2020-790)

This update for gnutls fixes the following issues : - CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker ...

CVSS 7.4 | AI score 7.5 | EPSS 0.17507
Exploits: 3 | References: 3

Microsoft KB
added 2020/04/09 12:0 a.m. | 5 views

Update fixes issues and adds support to MDM clients in Windows RT 8.1 and Windows 8.1

Introduction: This article describes a Mobile Device Manager (MDM) client update for Windows RT 8.1 and Windows 8.1. This update contains the following improvements and fixes the following issues. Improvement 1: The...

AI score 6.7
Exploits: 0

Veracode
added 2020/02/12 5:26 a.m. | 66 views

Remote Code Execution (RCE)

chakracore is vulnerable to remote code execution. The vulnerability exists in lib/Backend/Lower.cpp through an issue with interpreting the intermediate representation (IR). This CVE ID is different from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713...

CVSS 7.5 | AI score 4 | EPSS 0.86863
Exploits: 17 | References: 4 | Affected Software: 2

ATTACKERKB
added 2020/02/03 12:0 a.m. | 22 views

CVE-2020-8510

An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password. Recent assessments: horshark at March 09, 2020 8:27pm UTC reported: CVE in SourceForge project phpABoo...

CVSS 9.8 | AI score 1.1 | EPSS 0.01247
Exploits: 0 | References: 3

BDU FSTEC
added 2020/01/29 12:0 a.m. | 3 views

The vulnerability of the IS-IS routing protocol implementation in Cisco IOS XR allows an attacker to cause a service failure.

The vulnerability of the IS-IS routing protocol implementation in Cisco IOS XR is related to errors in handling SNMP requests. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 7.7 | AI score 6.8 | EPSS 0.01513
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2020/01/26 5:15 a.m. | 1 view

CVE-2019-16027

A vulnerability in the implementation of the Intermediate System-to-Intermediate System (IS-IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS-IS process. The vulnerability is due to improper...

CVSS 6.5 | AI score 6.9 | EPSS 0.01513
Exploits: 0 | References: 1