Lucene search

31244 matches found

CNNVD
added 2022/07/20 12:0 a.m., 4 views

Apple macOS Big Sur Buffer Error Vulnerability

Apple macOS Big Sur is the 17th major release of macOS, Apple's operating system for the Mac. Apple macOS Big Sur has a buffer error vulnerability: processing a maliciously crafted AppleScript binary may result in the unexpected termination or...

CVSS 7.1, AI score 7.1, EPSS 0.00552
Exploits 0, References 9
BDU FSTEC
added 2022/07/20 12:0 a.m., 5 views

The vulnerability of the Red Database database management system lies in the concealment of information that is crucial for security purposes. This allows attackers to hide the origin or nature of their attacks.

The vulnerability of the Red Database management system is related to an error in the processing of binary audit logs in the database adapter. Exploiting this vulnerability allows a malicious actor to conceal the origin or nature of an attack by creating entries for audit logs in such a way that...

CVSS 4.3, AI score 5.4
Exploits 0, References 1, Affected Software 1
Rapid7 Blog
added 2022/07/19 12:56 p.m., 115 views

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Rapid7 discovered a local privilege escalation vulnerability affecting Zyxel firewalls. The vulnerability allows a low privileged user, such as nobody, to escalate to root on affected firewalls. To exploit this vulnerability, a remote attacker must first establish shell access on the firewall, fo...

CVSS 10, EPSS 0.99938
Exploits 26
Tenable Nessus
added 2022/07/19 12:0 a.m., 67 views

Google Chrome < 103.0.5060.134 Vulnerability

Binary data 701414.pasl...

CVSS 8.8, AI score 7.3, EPSS 0.00649
Exploits 0, References 2
ATTACKERKB
added 2022/07/17 11:15 p.m., 4 views

CVE-2022-31210

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...

CVSS 9.8, AI score 7.3, EPSS 0.01016
Exploits 1, References 2
Fedora
added 2022/07/17 1:16 a.m., 36 views

[SECURITY] Fedora 35 Update: golang-github-shulhan-bindata-3.6.1-4.fc35

A small utility which generates Go code from any file. Useful for embedding binary data in a Go program...

CVSS 9.3, AI score 8.3, EPSS 0.05994
Exploits 3
Fedora
added 2022/07/17 1:16 a.m., 33 views

[SECURITY] Fedora 35 Update: golang-github-rakyll-statik-0.1.7-4.fc35

Statik allows you to embed a directory of static files into your Go binary to be later served from an http.FileSystem...

CVSS 9.3, AI score 9, EPSS 0.05994
Exploits 3
Fedora
added 2022/07/17 1:15 a.m., 23 views

[SECURITY] Fedora 35 Update: golang-github-liamg-tml-0.3.0-4.fc35

A Go module and standalone binary to make the output of colored/formatted text in the terminal easier and more readable...

CVSS 9.3, AI score 2, EPSS 0.05994
Exploits 3
Fedora
added 2022/07/17 1:15 a.m., 20 views

[SECURITY] Fedora 35 Update: golang-github-akavel-rsrc-0.10.2-4.fc35

Tool for embedding binary resources in Go programs...

CVSS 9.3, AI score 1.9, EPSS 0.05994
Exploits 4
Fedora
added 2022/07/17 1:15 a.m., 39 views

[SECURITY] Fedora 35 Update: geoipupdate-4.8.0-3.fc35

The GeoIP Update program performs automatic updates of GeoIP2 binary databases...

CVSS 9.3, AI score 9.2, EPSS 0.05994
Exploits 3
Fedora
added 2022/07/17 1:15 a.m., 29 views

[SECURITY] Fedora 35 Update: exercism-3.0.13-8.fc35

Exercism provides a way to do the problems on https://exercism.io. This CLI ships as a binary with no additional run-time requirements. This means that if you're doing the Haskell problems on exercism you don't need a working Python or Ruby environment simply to fetch and submit exercises...

CVSS 9.3, AI score 8.8, EPSS 0.05994
Exploits 4
Kitploit
added 2022/07/16 12:30 p.m., 116 views

Kubeaudit - Tool To Audit Your Kubernetes Clusters Against Common Security Controls

kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as: run as non-root; use a read-only root filesystem; drop scary capabilities, don't add new ones; don't run privileged; and more! tldr. kubeaudit makes sure you deploy secure...

AI score 7.6
Exploits 0, References 31
Prion
added 2022/07/14 8:15 p.m., 27 views

Design/Logic Flaw

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

CVSS 1.7, AI score 4.7, EPSS 0.00463
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2022/07/14 8:5 p.m., 7 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

CVSS 6.6, AI score 6.6, EPSS 0.00463
Exploits 0, References 2
Cvelist
added 2022/07/14 8:5 p.m., 29 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

CVSS 6.6, AI score 6.7, EPSS 0.00463
Exploits 0, References 2
OSV
added 2022/07/14 8:5 p.m., 29 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

CVSS 6.6, AI score 4.9, EPSS 0.00463
Exploits 0, References 4
OSV
added 2022/07/14 1:15 p.m., 2 views

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

CVSS 7.5, AI score 5.8, EPSS 0.00808
Exploits 1, References 2
OpenVAS
added 2022/07/14 12:0 a.m., 18 views

Fedora: Security Advisory for go-bindata (FEDORA-2022-ba365d3703)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3, AI score 8.9, EPSS 0.05335
Exploits 4, References 2
OSV
added 2022/07/13 4:17 p.m., 7 views

SUSE-SU-2020:0948-2 Security update for gmp, gnutls, libnettle

This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello bsc1168345 FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode...

CVSS 7.4, AI score 7.3, EPSS 0.03388
Exploits 0, References 6
Prion
added 2022/07/12 9:15 p.m., 20 views

Design/Logic Flaw

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into C:\mingw64\bin\git.exe by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is...

CVSS 4.4, AI score 7.2, EPSS 0.00377
Exploits 0, References 2, Affected Software 1