4419 matches found
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
CVE-2019-4323
CVE-2019-4323 concerns HCL AppScan Enterprise’s advisory API documentation being vulnerable to clickjacking. The CNVD entry specifies that AppScan Enterprise 10.0.0 and earlier versions are affected and that an attacker could inject content from untrustworthy pages by framing the advisory API doc...
Airshare - Cross-platform Content Sharing In A Local Network
Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Check out the demo...
Low: Red Hat Security Advisory: gettext security update
An update for gettext is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2020-13381
| creationtimestamp | type | source |
|---|---|---|
| 2020-07-04 15:40:00+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/opensischainexec.rb |
| 2025-02-06 03:13:44+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd |
| 2025-02-23 04:10:23+00:00 | seen | ... |
[SECURITY] Fedora 32 Update: python-pillow-7.0.0-4.fc32
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...
OSV-2020-671 Heap-use-after-free in WelsDec::SetUnRef
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18743 Crash type: Heap-use-after-free WRITE 1 Crash state: WelsDec::SetUnRef WelsDec::SlidingWindow WelsDec::WelsMarkAsRef...
GHSA-F6PC-CRHH-CP96 Privilege escalation in Presto
Affected This affects Presto server installations. This does NOT affect clients such as the CLI or JDBC driver. Impact Authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured...
Upgrade Apache Tomcat 8.5.50 - version affected by CVE-2020-9484
h3. Issue Summary The recently disclosed vulnerability regarding Tomcat|https://nvd.nist.gov/vuln/detail/CVE-2020-9484 affects the following versions: Apache Tomcat 7x 7.0.103 Apache Tomcat 8x 8.5.54 Apache Tomcat 9x 9.0.34 Apache Tomcat 10x 10.0.0-M4 We should bundle a more recent version of...
InQL - A Burp Extension For GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. InQL Stand-Alone CLI Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order to fetch metadata...
OSS-Fuzz - Continuous Fuzzing Of Open Source Software
Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of...
SUSE-SU-2020:14400-1 Security update for bind
This update for bind fixes the following issues: - CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals bsc1171740. - CVE-2020-8617: Fixed a logic error in code which checks TSIG validity bsc1171740. - CVE-2018-5741: Fixed the documentation...
Unbreakable Enterprise kernel security update
4.14.35-1902.303.5.3 - rds: Deregister all FRWR mr with freemr Hans Westgaard Ry Orabug: 31476202 - Revert rds: Do not cancel RDMAs that have been posted to the HCA Gerd Rausch Orabug: 31475329 - Revert rds: Introduce rdsconntopath helper Gerd Rausch Orabug: 31475329 - Revert rds: Three cancel...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:1502-1)
This update for qemu fixes the following issues : Security issue fixed : CVE-2020-1983: Fixed a use-after-free in the ipreass function of slirp bsc1170940. Non-security issues fixed : Fixed an issue where limiting the memory bandwidth was not possible bsc1167816. Fixed the issue that s390x could...
SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1501-1)
This update for qemu fixes the following issues : Security issues fixed : CVE-2020-1983: Fixed a use-after-free in the ipreass function of slirp bsc1170940. CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect bsc1165776. CVE-2020-1711: Fixed a potential OOB access in the...
Updates to Snort setup guides
Our documentation on Snort 3 running on CentOS and the Snort Rules Writing guide to Snort 3. Thanks to community member Yaser for providing the updates. The Snort 3 guide now has expanded information on logging options — such as syslog and JSON. There is also a new performance optimization sectio...
PT-2022-2876
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 10.1.0-M1 through 10.1.0-M14 Apache Tomcat versions 10.0.0-M1 through 10.0.20 Apache Tomcat versions 9.0.13 through 9.0.62 Apache Tomcat versions 8.5.38 through 8.5.78 Description The issue is related to the...
MGASA-2020-0255 Updated perl packages fix security vulnerability
This update from 5.28.2 to 5.28.3 fixes bugs several bugs the RPM package manager. - Update to 5.23.3 See https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod for release notes - Security release fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 - Work around a glibc bug ...