4422 matches found
SUSE-SU-2021:14850-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service bsc1103032. - Update to 0.103.4 bsc1192346. - Add documentation about max file size purpose and side effect in the 'clamscan' and 'clamdscan'...
vulhub
This repository is an open-source collection of vulnerable web applications and tools for security training and research. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...
[SECURITY] Fedora 34 Update: kernel-tools-5.15.4-100.fc34
This package contains the tools/ directory from the kernel source and the supporting documentation...
[SECURITY] Fedora 35 Update: kernel-tools-5.15.4-200.fc35
This package contains the tools/ directory from the kernel source and the supporting documentation...
Scholarship Results
Its time to sum up the results of the 2021 scholarship! As you know, we extended the scholarship for 1 month until October 30th because there were many applications and few finished papers. By October 30 the situation had not changed, only 1 essay had been added and became 4, the number of...
Redherd Framework -A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. --- Getting Started Take a look at the RedHerd documentation for instructions on how to getting started with...
Moderate: Red Hat Security Advisory: Release of OpenShift Serverless 1.19.0
Release of OpenShift Serverless 1.19.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Msticpy - Microsoft Threat Intelligence Security Tools
Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence, geolocations and Azure resource data extract Indicator...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2021-25737)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that could allow a user to redirect pod traffic to private networks on a node CVE-2021-25737. Vulnerability Details CVEID: CVE-2021-25737 Description: Kubernetes could allow a remote...
django: Potential directory traversal via ``admindocs``
A flaw was found in django. Staff members could use the :mod:django.contrib.admindocs TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been customized by the developers to also expose the file contents, then not...
OPENSUSE-SU-2021:3665-1 Security update for drbd-utils
This update for drbd-utils fixes the following issues: - make all binaries position independent basc1185132. - Upgrade to 9.0.18 bsc1189363 build: remove rpm related targets drbdsetup,v84: fix minor compile warnings systemd: resource specific activation systemd: drbd-reactor promoter templates do...
SUSE-SU-2021:3665-1 Security update for drbd-utils
This update for drbd-utils fixes the following issues: - make all binaries position independent basc1185132. - Upgrade to 9.0.18 bsc1189363 build: remove rpm related targets drbdsetup,v84: fix minor compile warnings systemd: resource specific activation systemd: drbd-reactor promoter templates do...
graphviz security update
2.40.1-43 - Fixed races during pdf documentation build which should build docs correctly Related: CVE-2020-18032 2.40.1-42 - Rebuilt, because pdf documentation were built incorrectly Related: CVE-2020-18032 2.40.1-41 - Fixed buffer overflow in lib/common/shapes.c Resolves: CVE-2020-18032...
dnf security and bug fix update
dnf 4.7.0-4.0.1 -Fixed python stack trace with updateinfo list cves command Orabug: 32749660 - Replaced upstream bugzilla reporting reference. Orabug: 32829849 4.7.0-4 - Update translations RhBug:1961632 4.7.0-3 - Improve signature checking using rpmkeys RhBug:1967454 4.7.0-2 - Fix covscan issue:...
kernel security, bug fix, and enhancement update
4.18.0-348.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
Unclear TwapOracle.consult algorithm
Handle cmichel Vulnerability details The TWAPOracle.consult function is unclear to the auditor. It seems to iterate through all registered pairs that share the token parameter USDV or VADER and then sums up the foreign token pair per token price. And divides this sum sumNative by the summed-up US...
CVE-2021-43616
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have bee...
Design/Logic Flaw
DISPUTED The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to...
CVE-2021-43616
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have bee...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0413
An update of 'rubygem-nokogiri' packages of Photon OS has been released...