PT-2021-20430 · Siemens · Jt2Go +1

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V13.2 Teamcenter Visualization versions prior to V13.2 Description: A vulnerability has been identified in the Tiff loader.dll library, which lacks proper validation of user-supplied data when parsing TIFF files. This...

DEBIAN-CVE-2021-21775

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...

UBUNTU-CVE-2021-21775

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...

OESA-2021-1257 PyYAML security update

YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML...

Ransomware. In the air?

Introduction As an exercise, we were asked to look at the potential vectors for ransomware to affect flight despatch and operations. In most cases, flight systems simply werent significantly exposed, but ground systems affected by ransomware may make flight ops either impossible or significantly...

[ASA-202107-2] electron11: multiple issues

Arch Linux Security Advisory ASA-202107-2 ========================================= Severity: Critical Date : 2021-07-01 CVE-ID : CVE-2021-30544 CVE-2021-30548 CVE-2021-30551 Package : electron11 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2099 Summary ======= Th...

EulerOS Virtualization 3.0.6.6 : PyYAML (EulerOS-SA-2021-2031)

According to the version of the PyYAML package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0938-1 Rating: important References: 1187141 1187481 Cross-References: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552...

Nvidia NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. A security vulnerability exists in NVIDIA MB2 that stems from a boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker can exploit the vulnerability to...

Nvidia NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. A security vulnerability exists in NVIDIA MB2 that stems from a boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker can exploit the vulnerability to...

Nvidia NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from a buffer error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker could exploit the...

NVIDIA MB2 访问控制错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from an Access Control Error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could lead to heap metadata corruption. An attacker could use this...

Nvidia NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. A security vulnerability exists in NVIDIA MB2 that stems from a boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker can exploit the vulnerability to...

NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from a buffer error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker could exploit the...

Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets

As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0881-1 Rating: important References: 1187141 Cross-References: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552...

DEBIAN-CVE-2021-30548

Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30548

Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30548

Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...