Security fix for the ALT Linux 10 package postgresql14 version 14.7-alt1
14.7-alt1 built Feb. 20, 2023 Alexei Takaseev in task 314938 Feb. 8, 2023 Alexei Takaseev - 14.7 Fixes CVE-2022-41862 - Conflicts: 14-1C - 15-1C...
SUSE CVE-2006-2288
Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts...
SUSE CVE-2015-5224
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks...
SUSE CVE-2018-14635
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...
SUSE CVE-2020-29509
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...
Linux kernel Resource Management Error Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from a hash conflict problem. An attacker could exploit this vulnerability to cause a denial ...
The vulnerability of the PHP library for generating PDF documents from HTML markup and CSS styles, Dompdf, arises due to a possible interpretation conflict. This vulnerability allows an attacker to execute arbitrary code.
The vulnerability of the PHP library for generating PDF documents from HTML markup and CSS styles, Dompdf, is related to the occurrence of interpretation conflicts. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
GSD-2023-1000538 selftests/bpf: Fix conflicts with built-in functions in bpf_iter_ksym
selftests/bpf: Fix conflicts with built-in functions in bpf_iter_ksym. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
Jenkins Plugin Script Security Cryptographic Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
A Digital Red Cross
The International Committee of the Red Cross wants some digital equivalent to the iconic red cross, to alert would-be hackers that they are accessing a medical network. The emblem wouldn’t provide technical cybersecurity protection to hospitals, Red Cross infrastructure or other medical providers...
The vulnerability of the Geth client library for the Ethereum protocol, written in the Go programming language, in Go Ethereum allows a hacker to trigger a service failure.
The vulnerability of the Geth client library for the Ethereum protocol, written in the Go programming language, is related to the occurrence of interpretation conflicts. Exploiting this vulnerability can allow a malicious actor to cause service failures...
July 19, 2022—KB5015879 (OS Build 20348.859) Preview
July 19, 2022—KB5015879 OS Build 20348.859 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...
QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c
A NULL pointer dereference issue was found in the block mirror layer of QEMU. The self pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data...
MongoDB Server Security Vulnerability
MongoDB is a document-oriented database management system from the American company MongoDB. A security vulnerability exists in MongoDB Server, where an authenticated user without any specific authorization may be able to repeatedly invoke features commands, a large number of which may lead to...
DEBIAN-CVE-2021-4145
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The self pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on t...
AZL-8347 CVE-2021-4145 affecting package qemu for versions less than 6.2.0-2
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The self pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on t...
Privacy predictions 2022
We no longer rely on the Internet just for entertainment or chatting with friends. Global connectivity underpins the most basic functions of our society, such as logistics, government services and banking. Consumers connect to businesses via instant messengers and order food delivery instead of...
The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird involves a situation where interpretation conflicts occur, allowing an attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability in web browsers such as Firefox, Firefox ESR, and the email client Thunderbird relates to the handling of embedded list items as block-level elements. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servic...
curl security and bug fix update
7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...
kernel security, bug fix, and enhancement update
4.18.0-305.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...