188 matches found
Access Control Bypass
firefox is vulnerable to access control bypass. A remote attacker is able to bypass security restrictions as a result of enabling of network partitioning. By persuading a victim to visit a malicious web site, the error on a domain can be overridden which had specified HTTP Strict Transport Securi...
KLA12228 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. A securit...
Mozilla Firefox 权限许可和访问控制问题漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a Privilege Permission and Access Control Issues vulnerability that stems from the application allowing overriding of HSTS errors when network partitioning is enabled, due ...
SUSE: Security Advisory (SUSE-SU-2018:3074-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3074-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Veeam ONE Database Partitioning
Purpose This article documents the procedure for implementing database partitioning to improve the performance of Veeam ONE deployments where the database in use was first created using Veeam ONE 9.x or older. Starting with Veeam ONE version 10, all newly deployed Veeam ONE databases are already...
GPT fdisk: Integer underflow
Background GPT fdisk consisting of the gdisk, cgdisk, sgdisk, and fixparts programs is a set of text-mode partitioning tools for Linux, FreeBSD, Mac OS X, and Windows. Description It was discovered that ReadLogicalParts function in basicmbr.cc was missing a bounds check. Impact A local attacker...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning scheme allows a hacker to trigger a service failure.
Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning mechanism is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning scheme allows a hacker to trigger a service failure.
Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning mechanism is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...
[SECURITY] Fedora 34 Update: gnome-disk-utility-40~rc-1.fc34
This package contains the Disks and Disk Image Mounter applications. Disks supports partitioning, file system creation, encryption, fstab/crypttab editing, ATA SMART and other features...
Fedora: Security Advisory for gnome-disk-utility (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
How to make a software BTRFS RAID1 with LUKS2 FDE
The guide below is simplified in a way that preparing the boot partition is not covered. Software based btrfs RAID1 requires two devices, which conceptually dont even need to be on different disks. But for obvious reasons, its a good idea if they are… Having mirroring against encrypted storage...
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
[ASA-202010-8] kpmcore: privilege escalation
Arch Linux Security Advisory ASA-202010-8 ========================================= Severity: High Date : 2020-10-18 CVE-ID : CVE-2020-27187 Package : kpmcore Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1253 Summary ======= The package kpmcore before version...
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
CVE-2020-15200
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...
Heap overflow
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...
CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...