curl security update

7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...

USN-4542-1 miniupnpd vulnerabilities

It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. CVE-2019-12107 It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue...

CVE-2020-8333

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution...

CVE-2020-8333

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution...

CVE-2020-8333

CVE-2020-8333 describes a vulnerability in the SMI callback function used by the EEPROM driver on some Lenovo Desktops and ThinkStation models, potentially enabling arbitrary code execution. Exploitation would require local access (no user interaction) with low attack complexity, and could impact...

CVE-2020-0395

In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

DEBIAN-CVE-2013-7490

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption...

UBUNTU-CVE-2013-7490

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption...

CVE-2020-11120

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2020-11120

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

Denial of Service in apostrophe

Versions of apostrophe prior to 2.97.1 are vulnerable to Denial of Service. The apostrophe-jobs module sets a callback for incoming jobs and doesn't clear it regardless of its status. This causes the server to accumulate callbacks, allowing an attacker to start a large number of jobs and exhaust...

GHSA-PV6R-VCHH-CXG9 Denial of Service in apostrophe

Versions of apostrophe prior to 2.97.1 are vulnerable to Denial of Service. The apostrophe-jobs module sets a callback for incoming jobs and doesn't clear it regardless of its status. This causes the server to accumulate callbacks, allowing an attacker to start a large number of jobs and exhaust...

Rosetta-Flash JSONP Vulnerability in hapi

This description taken from the pull request provided by Patrick Kettner. Versions 6.1.0 and earlier of hapi are vulnerable to a rosetta-flash attack, which can be used by attackers to send data across domains and break the browser same-origin-policy. Recommendation - Update hapi to version 6.1.1...

EulerOS Virtualization for ARM 64 3.0.6.0 : nghttp2 (EulerOS-SA-2020-1911)

According to the version of the nghttp2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of...

Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability

Summary An assertion failure exists within the Internet Systems Consortium’s BIND server versions 9.16.1 through 9.17.1 when processing TCP traffic via the libuv library. Due to a length specified within a callback for the library, flooding the server’s TCP port used for larger DNS requests AXFR...

Amazon Linux AMI : nghttp2 (ALAS-2020-1404)

The version of nghttp2 installed on the remote host is prior to 1.33.0-1.1.6. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1404 advisory. In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept...

EulerOS 2.0 SP8 : nghttp2 (EulerOS-SA-2020-1815)

According to the version of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a...

Yelp: RCE on build server via misconfigured pip install

The following Python library has been installed on at least one Yelp owned build server directly from the public PyPI registry. https://pypi.org/project/yelp-cgeom/ This package should normally be downloaded from the internal Yelp registry, but a misconfiguration appears to have caused it to be...

CVE-2020-12419

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and...

CVE-2020-12419

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and...