CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

The vulnerability of the implementation of the Intel Transactional Synchronization Extensions (TSX) technology in microprogramming software for Intel processors allows a hacker to disclose protected information.

The vulnerability of the Intel Transactional Synchronization Extensions TSX implementation in Intel microcomputer software is related to the lack of protection for service data. Exploiting this vulnerability can allow attackers to disclose sensitive information by launching attacks through...

Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEOWISE-CARBONFTP-v1.4-INSECURE-PROPRIETARY-PASSWORD-ENCRYPTION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.neowise.com Product CarbonFTP v1.4 CarbonFTP is a...

kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...

openSUSE: Security Advisory for haproxy (openSUSE-SU-2019:2556-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Code injection

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

CVE-2012-6111

gnome-keyring does not discard stored secrets when using gnomekeyringlockallsync function...

USN-4182-3: Intel Microcode regression | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific...

The vulnerability of the Oilpan component in the Google Chrome browser allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Oilpan component in the Google Chrome browser is caused by synchronization errors when using a common resource. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a...

The compatibility subsystem for running Linux applications allows the Windows Subsystem for Linux (WSL), a operating system that enables attackers to enhance their privileges.

The vulnerability of the compatibility subsystem for running Linux applications stems from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges through a specially created application...

The vulnerability of the Apache Tomcat application server arises from synchronization errors when using a shared resource, allowing attackers to expose sensitive information.

The vulnerability of the Apache Tomcat application server arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a malicious actor to disclose sensitive information remotely...

The vulnerability of Google Chrome arises from synchronization errors when using a common resource, allowing a perpetrator to replace the content of the Omnibox component (URL).

The vulnerability of Google Chrome arises due to synchronization errors when using a common resource. Exploiting this vulnerability allows an attacker to replace the content of the Omnibox component URL by using a specially created HTML page...

The vulnerability of the mod_auth_digest component in the Apache HTTP Server allows a hacker to bypass authentication by using a different username.

The vulnerability of the modauthdigest component in the Apache HTTP Server arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a malicious actor to perform authentication using a different username...

SQL Injection Vulnerability in ba***.php File of Kindergarten Online Management System

Xianqi Kindergarten Online Management System is a kindergarten online management system that supports real-time synchronization of data between smartphone APP and computer. A SQL injection vulnerability exists in the ba.php file of the kindergarten online management system. An attacker can exploi...

The vulnerability of Siemens’ software and hardware devices, related to the possibility of disrupting time synchronization (IRT), allows a perpetrator to trigger a service failure.

The vulnerability of Siemens’ software and hardware devices is related to the possibility of disrupting time synchronization IRT. Exploiting this vulnerability can allow a remote attacker to cause service failures...

[SECURITY] Fedora 31 Update: systemd-243.4-1.fc31

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-4186-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4186-3 advisory. USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability and regression (USN-4185-3)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4185-3 advisory. USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer...

New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs

Zombieload is back. This time a new variant v2 of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants RIDL and Fallout. Initially...