1065 matches found
DSA-4964-1 grilo - security update
Bulletin has no description...
DSA-4963-1 openssl - security update
Bulletin has no description...
DLA-2745-1 thunderbird - security update
Bulletin has no description...
DSA-4956-1 firefox-esr - security update
Bulletin has no description...
DSA-4954-1 c-ares - security update
Bulletin has no description...
DLA-2726-1 shiro - security update
Bulletin has no description...
DLA-2725-1 lrzip - security update
Bulletin has no description...
WordPress uListing plugin <= 2.0.5 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were discovered by m0ze (Patchstack Red Team) in WordPress uListing plugin versions <= 2.0.5. Solution: Update the WordPress uListing plugin to the latest available version (at least 2.0.6)...
WordPress uListing plugin <= 2.0.5 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by m0ze (Patchstack Red Team) in WordPress uListing plugin versions <= 2.0.5. Vulnerable parameters: &filterid, &filteruser, &filterexpireddate, &filtercreateddate, &filterupdateddate. Solution: Update the WordPress uListing...
SUSE-SU-2021:2435-1 Security update for crmsh
This update for crmsh fixes the following issues: Update to version 4.3.1+20210624.67223df2: - Fix: ocfs2: Skip verifying UUID for ocfs2 device on top of raid or lvm on the join node (bsc1187553) - Fix: history: use Path.mkdir instead of mkdir command (bsc1179999, CVE-2020-35459) - Dev: crashtest: Add...
SUSE-SU-2021:2326-1 Security update for nodejs12
This update for nodejs12 fixes the following issues: - update to 12.22.2: - CVE-2021-22918: Out of bounds read (bsc1187973) - CVE-2021-23362: ssri Regular Expression Denial of Service and hosted-git-info (bsc1187977) - CVE-2021-27290: Regular Expression Denial of Service (bsc1187976) - CVE-2021-3450:...
OPENSUSE-SU-2021:1994-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc1185924). - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc1185925). -...
WordPress Workreap premium theme <= 2.2.1 - Missing authorization checks in AJAX actions vulnerability
Missing authorization checks in AJAX actions vulnerability discovered by Harald Eilertsen (Jetpack) in WordPress Workreap premium theme versions <= 2.2.1. Solution: Update the WordPress Workreap premium theme to the latest available version (at least 2.2.2)...
MGASA-2021-0305 Updated p7zip package fixes security vulnerabilities
In p7zip-17.03, the function NCompress::CCopyCoder::Code in CPP/7zip/Common/StreamObjects.cpp will call outStream->Write where a memcpy uses a NULL pointer as destination address, leading to a crash (CVE-2021-3465). Null pointer dereference in function Reserve found in p7zip 16.02 (rhbz1951218). Null...
DSA-4934-1 intel-microcode - security update
Bulletin has no description...
Hitachi Virtual File Platform vulnerable to OS command injection
Overview: Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability (CWE-78) due to a flaw in processing parameters of the HTTP requests. Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
SUSE-SU-2021:1970-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc1185924). - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc1185925). - Don't u...
DSA-4928-1 htmldoc - security update
Bulletin has no description...
OPENSUSE-SU-2021:0845-1 Security update for inn
This update for inn fixes the following issues: - CVE-2021-31998: change user to news before calling innupgrade, which could have allowed local privilege escalation (boo1182321). This update was imported from the openSUSE:Leap:15.2:Update update project...
SUSE-SU-2021:1806-1 Security update for python-httplib2
This update for python-httplib2 fixes the following issues: - Update to version 0.19.0 (bsc1182053). - CVE-2021-21240: Fixed regular expression denial of service via malicious header (bsc1182053). - CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body...