Security fix for the ALT Linux 10 package thunderbird version 91.0-alt1

Aug. 12, 2021 Andrey Cherepanov 91.0-alt1 - New version. - Security fixes: + CVE-2021-29986 Race condition when resolving DNS names could have led to memory corruption + CVE-2021-29981 Live range splitting could have led to conflicting assignments in the JIT + CVE-2021-29988 Memory corruption as ...

Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5037-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5037-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...

PT-2021-21808 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can craft a TFLite model that would trigger a null pointer...

Denial Of Service (DoS)

firefox is vulnerable to denial of service. An exploitable crash is possible from incorrect instruction reordering during JIT optimization...

kernel security, bug fix, and enhancement update

4.18.0-305.12.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

UBUNTU-CVE-2021-29982

Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox 91 and Thunderbird 91...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox is vulnerable to a type obfuscation vulnerability that stems from a faulty JIT optimization and a type obfuscation error. A remote attacker could trick a victim into opening a carefully construct...

Mozilla Firefox 缓冲区错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer error vulnerability that stems from incorrect instruction reordering during JIT optimization...

Mozilla Firefox < 91.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reporte...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2021-29736)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

CVE-2021-24430

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...

Design/Logic Flaw

The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign. "The attackers behind MosaicLoader created a piece of malware that can deliver any payloa...

Vulnerabilities fixed in Citrix ADC, Gateway and SDWAN WAN-OP

Citrix has fixed vulnerabilities in Citrix ADC formerly NetScaler ADC, Gateway formerly NetScaler Gateway and SDWAN WAN-OP. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data by taking over sessions. To cause a Denial-of-Service, the...

OPENSUSE-SU-2021:1052-1 Security update for fossil

This update for fossil fixes the following issues: fossil 2.16: Add the fossil patch command Improve the fossil ui command to work on check-out directories and remote machines web UI improvements Add fossil bisect run command for improved automation of bisects Improve fossil merge handling of...

OPENSUSE-SU-2021:1050-1 Security update for fossil

This update for fossil fixes the following issues: fossil 2.16: Add the fossil patch command Improve the fossil ui command to work on check-out directories and remote machines web UI improvements Add fossil bisect run command for improved automation of bisects Improve fossil merge handling of...

Security update for fossil (moderate)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1050-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...

Security update for fossil (moderate)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1051-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...

SQL Injection Vulnerability in Zhejiang Dingcheng Network Co.

Zhejiang Dingcheng Network Co., Ltd. is a company with experience in Internet marketing services, the main products are responsive website construction, marketing website construction, website SEO optimization and other Internet marketing basic services. Zhejiang Dingcheng Network Co., Ltd. websi...