
21 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-14828

Malware in sbrugna...

7.8 CVSS | 7.7 AI score | 0.00141 EPSS
Exploits 0 | References 6

GitHub Security Blog
added 2023/05/24 5:30 p.m. | 38 views

nfpm has incorrect default permissions

Summary: When building packages directly from source control, file permissions on the checked-in files are not maintained. Details: When building packages directly from source control, file permissions on the checked-in files are not maintained. When nfpm packaged the files without extra config for...

7.1 CVSS | 6.7 AI score | 0.00059 EPSS
Exploits 1 | References 5 | Affected Software 2

Tenable Nessus
added 2021/10/15 12:0 a.m. | 94 views

Apache OpenOffice < 4.1.11 Multiple Vulnerabilities

The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.11. It is, therefore, affected by multiple vulnerabilities: - Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a 'Billion Laughs' entity expansion...

7.8 CVSS | 8 AI score | 0.04607 EPSS
Exploits 1 | References 13

CNVD
added 2021/10/13 12:0 a.m. | 59 views

Apache OpenOffice Access Control Error Vulnerability

Apache OpenOffice is an open source office software suite from the U.S. Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases and so on. An Access Control Error vulnerability exists in Apache OpenOffice version 4.1.8, which stems from th...

7.8 CVSS | 7.5 AI score | 0.00141 EPSS
Exploits 0 | References 1

NVD
added 2021/10/07 4:15 p.m. | 14 views

CVE-2021-28129

While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. User...

7.8 CVSS | 0.00141 EPSS
Exploits 0 | References 3

Prion
added 2021/10/07 4:15 p.m. | 299 views

Design/Logic Flaw

While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. User...

4.6 CVSS | 7.5 AI score | 0.00141 EPSS
Exploits 0 | References 4 | Affected Software 1

CVE
added 2021/10/07 3:50 p.m. | 56 views

CVE-2021-28129

CVE-2021-28129 concerns the OpenOffice DEB package for version 4.1.8, where installation did not run as root but used UID/GID 500. This mispackaging could enable a crafted attack on files owned by that user/group if such files exist, potentially affecting desktop integration and local file owners...

7.8 CVSS | 7.6 AI score | 0.00141 EPSS
Exploits 0 | References 3 | Affected Software 1

Kitploit
added 2021/08/13 12:30 p.m. | 56 views

jwtXploiter - A Tool To Test Security Of Json Web Token

A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; tamper with the token payload (changes claims and subclaims values); exploit known vulnerable header claims (kid, jku, x5u); verify a token; retrieve the public key of your target's ssl connection and try to use it in a key...

7.6 AI score
Exploits 0 | References 2

OpenVAS
added 2021/06/24 12:0 a.m. | 26 views

openSUSE: Security Advisory for salt (openSUSE-SU-2021:0899-1)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS | 8.4 AI score | 0.94234 EPSS
Exploits 28 | References 4

NVD
added 2020/12/10 4:15 a.m. | 11 views

CVE-2020-27350

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...

5.7 CVSS | 5.4 AI score | 0.00156 EPSS
Exploits 0 | References 4

UbuntuCve
added 2020/12/09 12:0 a.m. | 28 views

CVE-2020-27350

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...

5.7 CVSS | 6.5 AI score | 0.00156 EPSS
Exploits 0 | References 3

Kitploit
added 2020/05/09 10:0 p.m. | 172 views

GDBFrontend - An Easy, Flexible And Extensionable GUI Debugger

GDBFrontend is an easy, flexible and extensionable gui debugger. Installing Deb Package Debian / Ubuntu / KDE Neon You can install GDBFrontend via deb package for Debian-based distributions. You can install it from following commands: echo "deb trusted=yes https://oguzhaneroglu.com/deb/ ./" | sud...

7.4 AI score
Exploits 0 | References 2

NVD
added 2019/08/15 6:15 p.m. | 16 views

CVE-2018-14670

Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database...

9.8 CVSS | 9.4 AI score | 0.00422 EPSS
Exploits 0 | References 1

OSV
added 2019/08/15 6:15 p.m. | 13 views

CVE-2018-14670

Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database...

9.8 CVSS | 6.8 AI score
Exploits 0 | References 1

OSV
added 2019/08/15 6:15 p.m. | 0 views

UBUNTU-CVE-2018-14670

Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database...

9.8 CVSS | 7.3 AI score | 0.00422 EPSS
Exploits 0 | References 3

CVE
added 2019/08/15 5:13 p.m. | 86 views

CVE-2018-14670

Summary of CVE-2018-14670 (ClickHouse): A misconfiguration in the Debian package for ClickHouse prior to version 1.1.54131 could allow unauthorized use of the database. Multiple sources confirm the issue and its remediation: update to version 1.1.54131 or later to resolve the vulnerability. The ...

9.8 CVSS | 9.3 AI score | 0.00422 EPSS
Exploits 0 | References 1 | Affected Software 1

0day.today
added 2018/05/30 12:0 a.m. | 53 views

Dolibarr 7.0.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications. CVE-2018-10094 Dolibarr SQL Injection vulnerability. Description: Dolibarr is an "Open Source ERP & CRM for Business" used by many companies worldwide. It is available through GitHub or as distribution packages, e.g. .deb package. Threat: The...

0.1 AI score | 0.73712 EPSS
Exploits 10

Packet Storm
added 2018/05/27 12:0 a.m. | 45 views

Dolibarr 7.0.0 SQL Injection

CVE-2018-10094 Dolibarr SQL Injection vulnerability. Description: Dolibarr is an "Open Source ERP & CRM for Business" used by many companies worldwide. It is available through GitHub or as distribution packages, e.g. .deb package. Threat: The application does not handle user input properly and allows...

0.2 AI score | 0.73712 EPSS
Exploits 10

ClickHouse
added 2017/01/10 12:0 a.m. | 26 views

Fixed in ClickHouse Release 1.1.54131, 2017-01-10 

Incorrect configuration in deb package could lead to the unauthorized use of the database...

7.5 CVSS | 2.1 AI score | 0.00422 EPSS
Exploits 0 | Affected Software 1

ClickHouse
added 2017/01/10 12:0 a.m. | 18 views

Fixed in ClickHouse Release 1.1.54131, 2017-01-10

Incorrect configuration in deb package could lead to the unauthorized use of the database...

2.1 AI score
Exploits 0 | Affected Software 1