1065 matches found
DLA-2805-1 libmspack - security update
Bulletin has no description...
DSA-4996-1 wpewebkit - security update
Bulletin has no description...
DLA-2799-1 opencv - security update
Bulletin has no description...
DSA-4994-1 bind9 - security update
Bulletin has no description...
SUSE-SU-2021:3562-1 Security update for SUSE Manager Server 4.1
This update fixes the following issues: spacewalk-admin: - Version 4.1.10-1 Fix setup with rhn-config-satellite bsc1190300 Allow admins to modify only spacewalk config files with rhn-config-satellite.pl bsc1190040 CVE-2021-40348 How to apply this update: 1. Log in as root user to the SUSE Manager...
DLA-2792-1 faad2 - security update
Bulletin has no description...
SUSE-SU-2021:3489-1 Security update for python
This update for python fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading DoS after a http 100. bsc1189241 - CVE-2021-3733: Fixed ReDoS in urllib.request. bsc1189287...
SUSE-SU-2021:3481-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: - Fix for build with llvm12 on s390x. bsc1185952 - Re-enable 'icu' for PostgreSQL 10. bsc1179945 - Add postgresqlXX-server-devel as a dependency for postgresql13-server-devel. bsc1187751 - Upgrade to version 10.18. bsc1190177 Upgrade to...
JVN#85073657: 128 Technology Session Smart Router vulnerable to authentication bypass
128 Technology Session Smart Router provided by 128 Technology contains an authentication bypass vulnerability CWE-287. Impact A remote attacker may bypass the authentication and execute an arbitrary OS command with the root privilege. Solution Update the software Update the software to the lates...
DLA-2784-1 icu - security update
Bulletin has no description...
JVN#51106450: Apache HTTP Server vulnerable to directory traversal
Apache HTTP Server provided by The Apache Software Foundation contains a directory traversal vulnerability CWE-22. Impact A remote attacker may access the unprotected files in "require all denied" placed outside of the document root. Moreover, if CGI scripts are enabled, arbitrary code may be...
WordPress Stripe For WooCommerce plugin 3.0.0 – 3.3.9 - Missing Authorization Controls to Financial Account Hijacking vulnerability
Missing Authorization Controls to Financial Account Hijacking vulnerability discovered by Margaux DABERT Intrinsec in WordPress Stripe For WooCommerce plugin versions 3.0.0 – 3.3.9. Solution Update the WordPress Stripe For WooCommerce plugin to the latest available version at least 3.3.10...
Trend Micro HouseCall for Home Networks vulnerable to privilege escalation
Overview Trend Micro Incorporated has released a security update for HouseCall for Home Networks. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact A user who can log in to the product may obtain administrative privileges. As a...
DLA-2768-1 uwsgi - security update
Bulletin has no description...
OPENSUSE-SU-2021:1312-1 Security update for grilo
This update for grilo fixes the following issues: - CVE-2021-39365: Fixed missing TLS certificate verification bsc1189839. This update was imported from the SUSE:SLE-15-SP2:Update update project...
DLA-2766-1 openssl - security update
Bulletin has no description...
DLA-2764-1 tomcat8 - security update
Bulletin has no description...
DSA-4974-1 nextcloud-desktop - security update
Bulletin has no description...
JVN#81658818: Multiple vulnerabilities in RevoWorks Browser
RevoWorks Browser provided by J’s Communication Co., Ltd. is a virtual browser which enables internet isolation. It provides the function that enables access to drives, folders, files, and registries under the isolated environment from the local environment when running the web browser. RevoWorks...
SUSE-SU-2021:2917-1 Security update for libesmtp
This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c bsc1160462...