144 matches found
CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...
Design/Logic Flaw
The default event handling scripts in Automatic Bug Reporting Tool ABRT allow local users to gain privileges as demonstrated by a symlink attack on a varlogmessages file...
CVE-2015-3159
CVE-2015-3159 affects ABRT (Automatic Bug Reporting Tool) specifically the abrt-action-install-debuginfo-to-abrt-cache component. The root cause is improper handling of the process environment before invoking abrt-action-install-debuginfo, enabling local privilege elevation. Vulnerable platforms ...
CVE-2015-3151
Technical details (affected product, root cause, impact, or fix) for CVE-2015-3151 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...
CVE-2015-3147
The CVE-2015-3147 issue affects ABRT’s daemon, specifically daemon/abrt-handle-upload.in, where moving reports from /var/spool/abrt-upload can be manipulated via a symbolic link to write to arbitrary files (or cause other impacts) on the system. The vulnerability arises from a symlink attack agai...
Stable Channel Update for Desktop
The stable channel has been updated to 78.0.3904.108 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...
Fedora 31 : python38 (2019-d11594bf0a)
This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...
Stable Channel Update for Desktop
The Stable channel has been updated to 77.0.3865.90 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. A list of all changes is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are...
Fedora 29 : python38 (2019-d58eb75449)
This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...
Fedora 30 : python38 (2019-4954d8773c)
This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...
MemGuard - Secure Software Enclave For Storage Of Sensitive Information In Memory
Secure software enclave for storage of sensitive information in memory. This package attempts to reduce the likelihood of sensitive data being exposed. It supports all major operating systems and is written in pure Go. Features Sensitive data is encrypted and authenticated in memory using xSalsa2...
Stable Channel Update for Desktop
The stable channel has been updated to 75.0.3770.90 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...
Privilege Escalation
ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in...
XSSFuzzer - A Tool Which Generates XSS Payloads Based On User-Defined Vectors And Fuzzing Lists
XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an...
HackerOne two-factor authentication and reporting those to the blacklist bypass vulnerability($10,000)-bug warning-the black bar safety net
Hello everyone, today I want to share with you is a HackerOne-related vulnerabilities, using the vulnerability, I can bypass the HackerOne vulnerability presented when two-factor authentication mechanisms 2FA and the bounty project, A Bug Bounty Program for reporting those to the blacklist...
Debian DLA-1511-1 : reportbug update
Reportbug, a tool designed to make the reporting of bugs in Debian easier, was further enhanced to automatically detect bug reports for potential regressions caused by a security update. After user confirmation an additional email with a copy of the report will be sent to the debian-lts mailing...
Getsploit v0.2.2 - Command Line Utility For Searching And Downloading Exploits
Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB , Metasploit , Packetstorm and others. The most powerful feature is immediate exploit source download right in...
Adventures in vulnerability reporting
Posted by Natalie Silvanovich, Project Zero At Project Zero, we spend a lot of time reporting security bugs to vendors. Most of the time, this is a fairly straightforward process, but we occasionally encounter challenges getting information about vulnerabilities into the hands of vendors. Since i...
Red Hat Automatic Bug Reporting Tool Information Disclosure Vulnerability
Red Hat Automatic Bug Reporting Tool ABRT is a set of automated bug detection and reporting tools from Red Hat Red Hat. A security vulnerability exists in Red Hat ABRT versions prior to 2.1.6. A local attacker can exploit this vulnerability to obtain sensitive information from arbitrary files...