Fedora Update for jackson-databind FEDORA-2019-ae6a703b8f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: jackson-databind-2.9.9.3-1.fc30

The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration...

[SECURITY] Fedora 30 Update: jackson-annotations-2.9.9-1.fc30

Core annotations used for value types, used by Jackson data-binding package...

[SECURITY] Fedora 31 Update: jackson-annotations-2.9.9-1.fc31

Core annotations used for value types, used by Jackson data-binding package...

Out-of-bounds Write

Overview lmdb is an Universal Python binding for the LMDB 'Lightning' Database. Affected versions of this package are vulnerable to Out-of-bounds Write. An issue was discovered in py-lmdb 0.97. For certain values of mdflags, mdbnodeadd does not properly set up a memcpy destination, leading to an...

Out-of-bounds Write

Overview lmdb is an Universal Python binding for the LMDB 'Lightning' Database. Affected versions of this package are vulnerable to Out-of-bounds Write. An issue was discovered in py-lmdb 0.97. For certain values of mnflags, mdbcursorset triggers a memcpy with an invalid write operation within...

Fedora Update for python3-lxc FEDORA-2019-c1dac1b3b8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: python3-lxc-3.0.4-1.fc30

Linux Resource Containers provide process and resource isolation without the overhead of full virtualization. The python3-lxc package contains the Python3 binding for LXC...

The vulnerability of the config-variables.jelly component in the Jenkins Credentials Binding plugin allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config-variables.jelly component in the Jenkins Credentials Binding plugin is related to the storage of passwords in a readable format. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing

Executive Summary LDAP channel binding and LDAP signing provide ways to increase the security for communications between LDAP clients and Active Directory domain controllers. A set of unsafe default configurations for LDAP channel binding and LDAP signing exist on Active Directory domain...

DEBIAN-CVE-2019-13057

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...

CVE-2019-1010241

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line 30 passwordVariable. The attack vector is: Attacker creates and executes a...

CloudBees Jenkins Credentials Binding Plugin Jenkins Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Jenkins Credentials Binding Plugin is used in...

CVE-2019-1010241

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line 30 passwordVariable. The attack vector is: Attacker creates and executes a...

CVE-2019-1010241

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line 30 passwordVariable. The attack vector is: Attacker creates and executes a...

CVE-2019-1010241

The CVE-2019-1010241 entry affects Jenkins Credentials Binding Plugin (v1.17) where the vulnerability exists in config-variables.jelly at line 30 (passwordVariable). The underlying issue is storing passwords in a recoverable format (CWE-257). As described, authenticated users can recover credenti...

Youzer - Fake User Generator For Active Directory Environments

Fake User Generator for Active Directory Environments Introduction The goal of Youzer is to create information rich Active Directory environments. This uses the python3 library 'faker' to generate random accounts. pip3 install faker You can either supply a wordlist or have the passwords generated...

CVE-2019-3569

HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versio...

CVE-2019-3569

HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versio...

Information disclosure

HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versio...