Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2694-1 Rating: important References: 1158982 Cross-References: CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734 CVE-2019-13735...

openSUSE Security Update : chromium (openSUSE-2019-2692)

This update for chromium fixes the following issues : Chromium was updated to 79.0.3945.79 boo1158982 - CVE-2019-13725: Fixed a use after free in Bluetooth - CVE-2019-13726: Fixed a heap buffer overflow in password manager - CVE-2019-13727: Fixed an insufficient policy enforcement in WebSockets -...

Design/Logic Flaw

IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453...

CVE-2019-4444

IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453...

CVE-2019-4444

IBM API Connect CVE-2019-4444 affects Developer Portal on versions 2018.1–2018.4.1.7, where the user registration page does not disable password autocomplete. The vulnerability enables a local attacker with access to the browser and local system credentials to steal registration passwords. Remedi...

chromium-browser: Insufficient policy enforcement in developer tools

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

IBM API Connect Information Disclosure Vulnerability (CNVD-2019-46451)

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An information disclosure vulnerability exists in IBM API Connect versions 2018.1 through...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2692-1 Rating: important References: 1158982 Cross-References: CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734 CVE-2019-13735...

CVE-2019-13748

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

KLA11383 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Microsoft .NET Framework ca...

CVE-2019-13748

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

DEBIAN-CVE-2019-13748

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2019-13748

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2019-13748

CVE-2019-13748 affects Google Chrome (and Chromium) prior to 79.0.3945.79. It arises from insufficient policy enforcement in developer tools, allowing a local attacker to extract potentially sensitive information from process memory through a crafted HTML page. The issue is documented across mult...

CVE-2019-13748

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Moderate: Red Hat Enhancement Advisory: new packages: go-toolset-1.12

New go-toolset-1.12 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. This enhancement update adds the go-toolset-1.12 packages to Red Hat Develope...

KLA11618 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Git for Visual Studio can be exploited...

KLA11621 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after...

CORStest - A Simple CORS Misconfiguration Scanner

A simple CORSmisconfiguration scanner Based on theresearch of James Kettle CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing CORS misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential...