48 matches found
Patch Tuesday, Good Riddance 2020 Edition
Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsofts most-dire "critical" label, meaning they can be abused by malware or miscreants to...
CVE-2019-7178
Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...
CVE-2019-7178
Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...
Privilege escalation
Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...
CVE-2019-7178
CVE-2019-7178 affects Pexip Infinity prior to 20.1, enabling privilege escalation by restoring a system backup. Connected sources confirm the vulnerability text and vendor advisories (Red Hat entry reiterates the same description). The exact root cause, vulnerable components, impacted configurati...
CVE-2019-7178
Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...
How to Free Recover Deleted Files on Your Mac
There are many scenarios where you would want to recover deleted data from your Mac. These deleted files could be your important photos, official documents, financial records, etc. Loss of such data can cause you unnecessary emotional and financial harm. However, you can make use of data recovery...
[SECURITY] Fedora 31 Update: timeshift-20.03-1.fc31
Timeshift for Linux is an application that provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift protects your system by taking incremental snapshots of the file system at regular intervals. These snapshots can be restored at a late...
CVE-2019-16155
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...
CVE-2019-15707
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
CVE-2019-15707
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
Improper access control
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
CVE-2019-15707
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
CVE-2019-15707
CVE-2019-15707 concerns FortiMail admin webUI vulnerabilities: improper access control in FortiMail versions 6.2.0, 6.0.0–6.0.6, and 5.4.10 and earlier, enabling administrators to download system backup configurations they should not be authorized to access. Public references include Fortinet FG-...
The vulnerability of the FortiMail email protection system, related to deficiencies in access control, allows attackers to bypass existing security restrictions and download a backup of the system.
The vulnerability of the FortiMail email security system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and download a backup of the system...
The vulnerability in the FortiOS operating system’s web interface allows a hacker to perform cross-site fraudulently.
The vulnerability in the FortiOS operating system’s web interface is related to the lack of authentication for requests. Exploiting this vulnerability allows a malicious actor to perform cross-site forgery of requests to pages like /logindisconnect/disconnectadmins or...
Tar: Denial of service
Background The Tar program provides the ability to create and manipulate tar archives. Description The sparsedumpregion function in sparse.c file in Tar allows an infinite loop using the --sparse option. Impact A local attacker could cause a Denial of Service condition by modifying a file that is...
Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting
Reinstall, restore and wipe your system from the level and in the place of the running GNU/Linux distribution without cd-rom, flash and other. Via SSH, without rebooting. How it works? Set your archive with system backup to restore: build="/mnt/system-backup.tgz" Set path to temporary system...
GNU tar has been updated to fix CVE-2018-20482
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...
Netsweeper WebUpgrade Authorization Issues Vulnerability
Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper's WebUpgrade that stems from the webupgrade/webupgrade.php script failing to adequately filter the 'login' and 'password ' parameters. A remote attacker can exploit the vulnerabili...