4310 matches found
The vulnerability of the loaded module of the Linux operating system’s kernel, drivers/usb/misc/iowarrior.ko, which allows a hacker to cause a service failure.
The vulnerability of the driver/misc/iowarrior.ko module in the Linux operating system is related to a memory leak in the implementation of the omap4_keypad_probe handler. Exploiting this vulnerability can allow an attacker to cause a service failure by connecting an OMAP4 Keypad device that does n...
CVE-2020-28978
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF...
CVE-2020-26553
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...
Design/Logic Flaw
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Twinned Tree Vulnerability Has Logic Flaw Vulnerability
Overview: Merkle Tree (MT) is one of the basic algorithms used in blockchain technology to safeguard data against tampering and to enable fast verification. Due to problems in the implementation of some MT construction algorithms, attackers can tamper with part of the block data without affecting th...
MGASA-2020-0391 Updated claws-mail packages fix a security vulnerability
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree (CVE-2020-16094)...
EulerOS Virtualization 3.0.2.2 : sqlite (EulerOS-SA-2020-2197)
According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Denial Of Service (DoS)
claws-mail is vulnerable to denial of service (DoS). The vulnerability exists in imap_scan_tree_recursive where a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree...
Description of the security update for SharePoint Enterprise Server 2016: October 13, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...
CVE-2020-26870
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
evince and poppler security and bug fix update
evince 3.28.2-10 - Do not try to use iconview widget when in tree view mode - Resolves: 1610436 poppler 0.26.5-43 - Fix crash on broken file in tilingPatternFill - Resolves: 1801340...
Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario
The Mozilla Foundation Security Advisory describes this flaw as: When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow...
tree-color.com Open Redirect vulnerability OBB-1371892
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
OPENSUSE-SU-2020:1455-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. (bsc#1161883, bsc#1174458) This update was imported from the SUSE:SLE-15-SP2:Update update project...
@angular-devkit/build-angular (>=0.8.8 <=0.900.0-rc.8), @apployees-nx/node (>=0.0.1 <=0.0.21) +188 more potentially affected by CVE-2019-15599 via tree-kill (>=0.0.6 <=1.2.1)
tree-kill NPM version =0.0.6, =0.8.8, =0.0.1, =0.0.1-alpha.1, =1.2.2, =6.0.0, =0.0.1, =0.0.1, =2.0.0-beta.22, =2.0.0-beta.1, =1.0.0, =0.0.1, =0.2.0, =7.0.2 and more Source cves: CVE-2019-15599 Source advisory: OSV:GHSA-884P-74JH-XRG2...
Command Injection in tree-kill
Versions of tree-kill prior to 1.2.2 are vulnerable to Command Injection. The package fails to sanitize values passed to the kill function. If this value is user-controlled it may allow attackers to run arbitrary commands in the server. The issue only affects Windows systems. Recommendation Upgra...