PT-2025-14780 · Projeqtor · Projeqtor
Name of the Vulnerable Software and Affected Versions: Projeqtor versions up to 12.0.2
Description: A critical issue affects some unknown functionality of the file /tool/saveAttachment.php, where the manipulation of the attachmentFiles argument leads to unrestricted upload. The attack can be...
Apache Hadoop allows local user to gain root privileges
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...
PT-2023-3352 · Fortinet · Forticlient +1
Name of the Vulnerable Software and Affected Versions:
FortiClient versions 7.0.0 through 7.0.6
FortiClient versions 6.4.0 through 6.4.8
FortiClient version 6.0.0
FortiConverter versions 6.2.0 through 6.2.1
FortiConverter version 7.0.0
FortiConverter version 6.0.0
Description: The issue is relate...
PT-2022-2582 · Apache · Apache Couchdb
Name of the Vulnerable Software and Affected Versions: Apache CouchDB versions prior to 3.2.2
Description: The issue concerns an improperly secured default installation of Apache CouchDB, allowing an attacker to access the system without authentication and gain admin privileges. The CouchDB...
SUSE-SU-2020:2271-1 Security update for postgresql12
This update for postgresql12 fixes the following issues:
- update to 12.4:
  - CVE-2020-14349, bsc1175193: Set a secure search_path in logical replication walsenders and apply workers
  - CVE-2020-14350, bsc1175194: Make contrib modules' installation scripts more secure...
SYS.1.2.2.A2
The goal of module SYS.1.2.2 is to secure Microsoft Windows Server 2012 and Microsoft Windows Server 2012 R2. The basic requirement Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
[SECURITY] Fedora 17 Update: zeroinstall-injector-2.3-1.fc17
The Zero Install Injector makes it easy for users to install software without needing root privileges. It takes the URL of a program and runs it, downloading it first if necessary. Any dependencies of the program are fetched in the same way. The user controls which version of the program and its...
[SECURITY] Fedora 13 Update: gitolite-1.4.2-1.fc13
Gitolite allows a server to host many git repositories and provide access to many developers, without having to give them real userids on the server. The essential magic in doing this is ssh's pubkey access and the authorized_keys file, and the inspiration was an older program called gitosis...