Google Android Buffer Error Vulnerability
Google Android is a Linux-based open source operating system from Google (USA) and the Open Handheld Alliance. Google Android 11 suffers from a buffer error vulnerability that stems from incorrect bounds checking by netdiag, which may allow out-of-bounds writes, resulting in a privilege local...
Vulnerabilities in OpenSSL affect AIX
IBM SECURITY ADVISORY First Issued: Mon Feb 1 13:42:07 CST 2021 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory32.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory32.asc...
About the security content of iOS 14.4 and iPadOS 14.4 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
MantisBT Information Disclosure Vulnerability (CNVD-2021-09043)
MantisBT is a web-based open source defect tracking system from the MantisBT team. The system provides project management and defect tracking services in the form of Web operations. A security vulnerability exists in MantisBT versions prior to 2.24.4, which stems from a lack of access checkin...
Qualcomm WLAN HOST Security Vulnerability
Qualcomm WLAN HOST is a wireless LAN component from Qualcomm Incorporated (USA) used in Qualcomm products. A security vulnerability exists in the Qualcomm WLAN HOST that stems from improper checking of logical subtypes, resulting in too many frames being discarded...
Qualcomm IPC Input Validation Error Vulnerability
Qualcomm IPC is a support component from Qualcomm Incorporated (USA) used in chips. A security vulnerability exists in Qualcomm IPC that stems from a lack of checking the validity and boundary compliance of parameters read from shared memory...
About the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
About the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave This document describes the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. About Apple security updates For our...
Code injection
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...
Ubuntu: Security Advisory (USN-4711-1)
The remote host is missing an update for the...
Fedora 32 : 1:php-pear (2021-02996612f6)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-02996612f6 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to...
About the security content of iCloud for Windows 12.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Nextcloud Resource Management Error Vulnerability
Nextcloud is a set of client-server software for creating file hosting services and using them. Nextcloud Server is the server software. A denial of service vulnerability exists in Nextcloud Server 19 and earlier versions. The vulnerability stems from a checking error. An attacker could exploit th...
The vulnerability of the file system driver in the Windows operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the file system driver filter in the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2020-36193
Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948...
Security Bulletin: Vulnerabilities in IBM WebSphere Liberty affects IBM Watson Machine Learning Accelerator
Summary There are vulnerabilities in IBM WebSphere Liberty used by IBM Watson Machine Learning Accelerator 1.2.2, and IBM Watson Machine Learning Accelerator 2.2.0 have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4663 DESCRIPTION: IBM WebSphere Application Server - Liberty...
Allows write operations with Directory Traversal due to inadequate checking of symbolic links
Disallow symlinks to out-of-path filenames...
OPENSUSE-SU-2021:0075-1 Security update for the Linux Kernel
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-29568: An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the event...
Privilege escalation
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation...