1614 matches found
CVE-2021-27255
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refreshstatus.aspx endpoint. The issue results from a lack o...
CVE-2021-22134
A flaw was found in elasticsearch. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of...
SUSE-SU-2021:0670-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 25 bsc1182186, bsc1181239, CVE-2020-27221, CVE-2020-14803 CVE-2020-27221: Potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characte...
Security update for rclone (moderate)
openSUSE Security Update: Security update for rclone Announcement ID: openSUSE-SU-2021:0272-1 Rating: moderate References: 1179005 Cross-References: CVE-2020-28924 CVSS scores: CVE-2020-28924 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP2 A...
USN-4719-1: ca-certificates update
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle...
openSUSE Security Update : libzypp / zypper (openSUSE-2021-59)
This update for libzypp, zypper fixes the following issues : Update zypper to version 1.14.41 Update libzypp to 17.25.4 - CVE-2017-9271: Fixed information leak in the log file bsc1050625 bsc1177583 - RepoManager: Force refresh if repo url has changed bsc1174016 - RepoManager: Carefully tidy up th...
CWA for Windows does not dynamically update icons in start menu (published applications) | works fine if refresh apps in CWA is done
This article describes how we can force an update on start menu applications coming from Citrix Workspace app on the endpoint when there is a change made, i.e. application name changed from Citrix Studio etc...
SUSE SLED15 / SLES15 Security Update : libzypp, zypper (SUSE-SU-2021:0109-1)
This update for libzypp, zypper fixes the following issues : Update zypper to version 1.14.41 Update libzypp to 17.25.4 CVE-2017-9271: Fixed information leak in the log file bsc1050625 bsc1177583 RepoManager: Force refresh if repo url has changed bsc1174016 RepoManager: Carefully tidy up the...
Apache Accumulo Access Control Error Vulnerability
Apache Accumulo is a reliable, scalable, high-performance sorted distributed Key-Value storage application from the Apache Foundation. An access control error vulnerability exists in Apache Accumulo versions 1.5.0 through 1.10.0 and 2.0.0 due to an authenticated user failing to properly check the...
Apache Accumulo Security Vulnerability
Apache Accumulo is a reliable, scalable, high-performance sorted distributed Key-Value storage application from the Apache Foundation. An access control error vulnerability exists in Apache Accumulo versions 1.5.0 through 1.10.0 and 2.0.0 due to an authenticated user failing to properly check the...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product...
Salvoravida React-adal Authorization Issues Vulnerability
Salvoravida React-adal is a JS language based codebase for interacting with Azure Active Directory by Salvoravida Individual Developer. react-adal suffers from an authorization issue vulnerability that stems from the fact that for specially designed JWT tokens and request URLs, it is possible to...
Rowhammer DDR4 Vulnerability - Lenovo Support US
No description provided...
Security Bulletin: Vulnerability in Java SE libraries could allow unauthenticated attacker to cause denial of service
Summary An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by Rational Functional Tester RFT versions 8.6.0.7 - 9.5. RFT has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related ...
Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update
An update is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
SUSE-SU-2020:2647-1 Security update for SUSE Manager 4.1
This update for SUSE Manager 4.1 fixes the following issues: google-gson: - Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages. httpcomponents-client: - Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages...
Improper Authorization in passport-cognito
All versions of passport-cognito are vulnerable to Improper Authorization. The package fails to properly scope the variables containing authorization information, such as access token, refresh token and ID token. This causes a race condition where simultaneous authenticated users may receive...
SUSE-SU-2020:14484-1 Security update for java-1_7_1-ibm
This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...
Important: Red Hat Bug Fix Advisory: Satellite 6.7.2 Async Bug Fix Update
Updated Satellite 6.7 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clien...