1139 matches found
CVE-2020-27925
An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call...
Cpanel Security Breach
Cpanel is a Web-based automated colocation platform from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. Additional vulnerabilities exist in Cpanel. No information about this vulnerability is available at this time, plea...
About the security content of Safari 14.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Session State Monitor Tool - XenApp/XenDesktop
Where to download? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Description The Session State Monitor Utility actively monitors...
SUSE-SU-2020:3125-1 Security update for sane-backends
This update for sane-backends fixes the following issues: - sane-backends version upgrade to 1.0.31: sane-backends version upgrade to 1.0.30 fixes memory corruption bugs CVE-2020-12861, CVE-2020-12862, CVE-2020-12863, CVE-2020-12864, CVE-2020-12865, CVE-2020-12866, CVE-2020-12867 bsc1172524...
CVE-2019-8532
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files...
Design/Logic Flaw
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files...
CVE-2020-3918
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information...
Buffer overflow
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
KB957488 - MS09-062: Vulnerabilities in GDI+ could allow remote code execution
Resolves vulnerabilities in Microsoft Windows GDI+ that could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To...
CVE-2020-0427
In createpinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-1405501...
Integer overflow
In Parsewave of easmdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
nowyczas.co.uk Cross Site Scripting vulnerability OBB-1319148
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-3449
A vulnerability in the Border Gateway Protocol BGP additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the BGP status and cause the BGP process to stop processing new updates, resulting in a denial of servic...
[SECURITY] [DLA 2321-1] firmware-nonfree new upstream version
Debian LTS Advisory DLA-2321-1 [email protected] https://www.debian.org/lts/security/ August 11, 2020 https://wiki.debian.org/LTS Package : firmware-nonfree Version : 20190114-2deb9u1 The firmware-nonfree package has been updated to include additional firmware that may be requested by...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0032)
The remote OracleVM system is missing necessary patches to address critical security updates : - uek-rpm: Add OL6 shim conflict for new signing key Eric Snowberg Orabug: 31688239 - Revert 'certs: Add Oracle's new X509 cert into the kernel keyring' Eric Snowberg Orabug: 31688223 - blk-mq: don't...
Cisco IOS XR Code Issue Vulnerability
Cisco IOS XR is a set of operating systems developed by the American company Cisco for its network equipment. A code issue vulnerability exists in the BGP Additional Paths feature in Cisco IOS XR versions prior to 7.1.3, prior to 7.2.1, and prior to 7.3.1. A remote attacker could exploit th...
CSS injection with width and height options
Chartkick is vulnerable to CSS injection if user input is passed to the width or height option. An attacker can set additional CSS properties, like:...
Twitter Hacker Arrested
A 17-year-old Florida boy was arrested and charged with last week's Twitter hack. News articles. Boing Boing post. Florida state attorney press release. This is a developing story. Post any additional news in the comments. EDITED TO ADD 8/1: Two others have been charged as well. EDITED TO ADD 8/1...
Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2020-1656)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...