CVE-2021-29521 Segfault in SparseCountSparseOutput

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in tf.rawops.SparseCountSparseOutput results in a segmentation fault being thrown out from the standard library as std::vector invariants are broken. This is because the...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

IBM Cloud Pak for Security 信息泄露漏洞

IBM Cloud Pak for Security is an application from IBM America, Inc. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. An information disclosure vulnerability exists in IBM Cloud Pak for Security...

Cross-site Scripting (XSS) - Reflected in thecoshman/http

✍️ Description The web server is vulnerable to Cross-site scripting. An attacker can host a file with an XSS payload as the file name. When a user visits the web server address, the javascript will be executed in the browser. This is due to improper sanitization. 🕵️‍♂️ Proof of Concept - Create a...

CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...

[SECURITY] Fedora 34 Update: autotrace-0.31.1-60.fc34

AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...

CVE-2021-31756

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get...

Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have o...

samba: Netlogon elevation of privilege vulnerability (Zerologon)

A flaw was found in the Microsoft Windows Netlogon Remote Protocol MS-NRPC, where it reuses a known, static, zero-value initialization vector IV in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obta...

Security Bulletin: Issues in IBM® Java™ SDK Technology Edition affects IBM Security Identity Manager Virtual Appliance (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)

Summary There are multiple vulnerabilities in IBM® Java™ SDK Technology Edition used by IBM Security Identity Manager Virtual Appliance. IBM Security Identity Manager Virtual Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified...

SUSE SLES15 Security Update : xen (SUSE-SU-2021:1460-1)

This update for xen fixes the following issues : CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack bsc1178591, XSA-351 CVE-2021-3308: IRQ vector leak on x86 bsc1181254, XSA-360 CVE-2021-28687: HVM soft-reset crashes toolstack bsc1183072, XSA-368 L3: conring size for XEN HV's with...

Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2021-1822)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary file deletion

The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack...

CVE-2021-31231

The CVE affects Grafana Enterprise Metrics versions before 1.2.1 and Grafana Metrics Enterprise 1.2.1. It is a local file disclosure vulnerability triggered when experimental.alertmanager.enable-api is enabled. The HTTP basic auth password_file can be exploited to exfiltrate any file content via ...

CVE-2021-31231

The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The...

SUSE-SU-2021:1460-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack bsc1178591, XSA-351 - CVE-2021-3308: IRQ vector leak on x86 bsc1181254, XSA-360 - CVE-2021-28687: HVM soft-reset crashes toolstack bsc1183072, XSA-368 - L3: conring size for XEN HV'...

EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2021-1822)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.CVE-2020-11764 - An issue...

CVE-2021-29460

Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby...

5 Ways Your Software Supply Chain is Out to Get You, Part 3: Exploit Open Source Libraries

In previous posts, we explained how two kinds of supply chain attack methods, Vendor Compromise and Exploit Third Party Applications, are threatening software supply chains, transferring an extraordinary amount of risk downstream to the organizations and users that trust and depend on them. In th...

Nextcloud: Trusted server shared secret stored unencrypted in the database

The attack vector here is that somebody gets their hands on your database. When two servers have added each other as trusted server they exchange shared secret token. With this token they can sync down each other user lists. However it seems that this token is stored in plain text in the...