8751 matches found
[SECURITY] Fedora 31 Update: python-pillow-6.1.0-4.fc31
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...
Weak Password Vulnerability in Tianrongxin NGFW® Next-Generation Firewall
NGFW®, the next-generation firewall of TIANRONGXIN, adopts its own patented operating system NGTOS and security engine, utilizes the advanced Intel® Xeon® processor family and integrates the packet processing framework provided by Intel® Data Plane Development Kit to provide network processing...
wildfly-security-manager: security manager authorization bypass
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...
wildfly-security-manager: security manager authorization bypass
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...
Stored Cross-Site Scripting Vulnerability in New Jincheng Career Development Education Platform
JC Career Development Education Platform CDEP for short is a network implementation platform for career development education work of universities, colleges and universities, authorities and education and training institutions in China. A stored cross-site scripting vulnerability exists in the ne...
Gnip Banking Trojan Shows Ongoing, Aggressive Development
A new custom mobile banking malware for Android, dubbed Gnip, has emerged onto the scene, and its authors have taken an aggressive development track: Gnip appears to have been cobbled together in under five months, with four different variants already circulating — including a sample released in...
arabdevelopmentportal.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1020698 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting arabdevelopmentportal.com...
RUSTSEC-2019-0031 spin is no longer actively maintained
The author of the spin crate does not have time or interest to maintain it. Consider the following alternatives all of which support nostd: - conquer-once - lockapi a subproject of parkinglot - spinningtop spinlock crate built on lockapi - spinning...
IrfanView Code Issue Vulnerability
IrfanView is an image viewer by Irfan Skiljan software developer in Bosnia and Herzegovina that supports image browsing, image editing, image format conversion and more. A code issue vulnerability exists in IrfanView version 4.53. The vulnerability stems from an improperly designed or implemented...
SITOS six build code issue vulnerability
SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A code issue vulnerability exists in SITOS six Build v6.2.1. The vulnerability stems from an improperly designed or implemented code development process for a...
Cross-site Scripting (XSS)
Overview io.ratpack:ratpack-core is a simple, capable, toolkit for creating high performance web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS. This affects the development mode error handler when an exception message contains untrusted data. Note the...
[SECURITY] Fedora 30 Update: limnoria-20191109-2.fc30
Supybot is a robust it doesn't crash, user friendly it's easy to configure and programmer friendly plugins are extremely easy to write Python IRC bot. It aims to be an adequate replacement for most existing IRC bots. It includes a very flexible and powerful ACL system for controlling access to...
DEBIAN-CVE-2019-14818
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file...
The vulnerability of the OAM component in Oracle JDeveloper and ADF allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the OAM component in Oracle JDeveloper and ADF is related to lack of access control. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...
Cisco Small Business SPA500 Series IP Phones Local Script Execution Vulnerability
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit...
ALBA-2019:3457 new packages: gcc-toolset-9-gdb
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-gdb packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...
new packages: gcc-toolset-9-ltrace
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-ltrace packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...
ALBA-2019:3455 new packages: gcc-toolset-9-ltrace
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-ltrace packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...
ALBA-2019:3449 new packages: gcc-toolset-9-dyninst
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...
new packages: gcc-toolset-9-dyninst
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...