400 matches found
CVE-2019-11752
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...
Mozilla Thunderbird < 68.1
The version of Thunderbird installed on the remote Windows host is prior to 68.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-30 advisory. - It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results ...
Important: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat OpenStack Platform 14.0 Rocky. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Important: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat OpenStack Platform 9.0 Operational Tools for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
Debian: Security Advisory (DLA-1850-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: etcd security, bug fix, and enhancement update
An update for etcd is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Fedora Update for etcd FEDORA-2019-219b0b0b6a
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: etcd-3.3.12-4.20190413gitf29b1ad.fc29
A highly-available key value store for shared configuration...
[SECURITY] Fedora 30 Update: etcd-3.3.12-1.20190314gite1ca3b4.fc30
A highly-available key value store for shared configuration...
Not just for Processing: How Kafka Streams as a Distributed Database Boosted our Reliability and Reduced Maintenance
The Apache Kafka Streams library is used by enterprises around the world to perform distributed stream processing on top of Apache Kafka. One aspect of this framework that is less talked about is its ability to store local state, derived from stream processing. In this blog post we describe how w...
ImageMagick memory leak vulnerability (CNVD-2019-14102)
ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio ImageMagick version 7.0.8-36 Q16 contains a security vulnerability in the...
CVE-2019-10060
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability...
(RHSA-2019:0237) Moderate: etcd security, bug fix, and enhancement update
The etcd packages provide a highly available key-value store for shared configuration. The following packages have been upgraded to a later upstream version: etcd 3.3.11. BZ1664290 Security Fixes: etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS via gRPC-gateway CVE-2018-16886 For...
The vulnerability of the Redis database implementation of the Cisco Policy Suite for Mobile software management platform and the Cisco Policy Suite Diameter Routing Agent allows a perpetrator to reduce the effectiveness of the software.
The vulnerability of the Redis database implementation in the Cisco Policy Suite software and the Cisco Policy Suite Diameter Routing Agent is related to authentication errors when accessing the Redis server. Exploiting this vulnerability can allow an attacker to reduce the effectiveness of the...
Moderate: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
CVE-2018-0181
A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent software could allow an unauthenticated, remote attacker to modify key-value pairs for short-lived events stored by the Redis server. The vulnerability is due to...
Linux systemd Line Splitting
systemd: reexec state injection: fgets on overlong lines leads to line splitting CVE-2018-15686 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.md#security-vulnerability-reports . When system...
Linux systemd Line Splitting Exploit
Linux has an issue with systemd where overlong input to fgets during reexec state injection can lead to line splitting. systemd: reexec state injection: fgets on overlong lines leads to line splitting CVE-2018-15686 I am sending this bug report to Ubuntu, even though it's an upstream bug, as...