Internet Bug Bounty: POST following PUT confusion
The bug I submitted at https://github.com/curl/curl/issues/9507 can have at least a few unintended security issues: Information Disclosure: this bug causes an HTTP PUT to occur when the user intends for an HTTP POST to occur. The user, who intended an HTTP POST, expects the POSTed information to...
nss and nspr bug fix and enhancement update
An update is available for nspr, nss. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Network Security Services (NSS) is a set of libraries designed to support the...
Slackware: Security Advisory (SSA:2014-086-02)
The remote host is missing an update for the...
SUSE-SU-2022:0045-2 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041); CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF (bsc#1192876)...
Mageia: Security Advisory (MGASA-2021-0513)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: rust-1.58.1-1.fc35
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
SUSE-SU-2022:0128-1 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041); CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF (bsc#1192876)...
SUSE-SU-2022:0045-1 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041); CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF (bsc#1192876)...
SUSE-SU-2022:0041-1 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041); CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF (bsc#1192876)...
SUSE-SU-2022:0031-1 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041); CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF (bsc#1192876)...
SUSE-SU-2022:0021-1 Security update for libvirt
This update for libvirt fixes the following issues: CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults (bsc#1194041)...
PYSEC-2021-845
TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or CHECK-fail related crashes...
PYSEC-2021-396
TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...
CVE-2021-41203
TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...
OPENSUSE-SU-2021:1207-1 Security update for go1.15
This update for go1.15 fixes the following issues: Update to go1.15.15: go#47473 net/http: panic due to racy read of persistConn after handler panic (CVE-2021-36221, bsc#1189162); go#47347 cmd/go: "go list -f '{{.Stale}}'" stack overflow with cyclic imports; go#47014 cmd/go: go mod vendor: open...
GHSA-4HJG-CX88-G9F9 Data races in futures-intrusive
GenericMutexGuard was given the Sync auto trait as long as T is Send due to its contained members. However, since the guard is supposed to represent an acquired lock and allows concurrent access to the underlying data from different threads, it should only be Sync when the underlying data is. Thi...
PYSEC-2021-312
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inferenc...
Security update for libX11 (important)
openSUSE Security Update: Security update for libX11. Announcement ID: openSUSE-SU-2021:1897-1. Rating: important. References: 1186643. Cross-References: CVE-2021-31535. CVSS scores: CVE-2021-31535 (NVD): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; CVE-2021-31535 (SUSE): 8.1...
SUSE: Security Advisory (SUSE-SU-2021:14748-1)
The remote host is missing an update for the...
openSUSE Security Update : libX11 (openSUSE-2021-857)
This update for libX11 fixes the following issues: Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign (bsc#1186643). This update was imported from the SUSE:SLE-15:Update update project...