OESA-2021-1388 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

October 12, 2021-KB5005539 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2, and Windows Version 21H1

October 12, 2021-KB5005539 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2, and Windows Version 21H1 Release Date: October 12, 2021 Version: .NET Framework 3.5 and 4.8 The October 1...

seatd-launch -- privilege escalation with SUID

Kenny Levinsen reports: seatd-launch used execlp, which reads the PATH environment variable to search for the requested executable, to execute seatd. This meant that the caller could freely control what executable was loaded by adding a user-writable directory to PATH. If seatd-launch had the SUI...

GHSA-WCG3-CVX6-7396 Segmentation fault in time

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library. The...

OPENSUSE-SU-2021:1162-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: ansible: - The support level for ansible is l2, not l3 dracut-saltboot: - Force installation of libexpat.so.1 bsc1188846 - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld...

openSUSE: Security Advisory for golang-github-prometheus-prometheus (openSUSE-SU-2021:2664-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2021-6458 · Gradle +2 · Gradle +2

Name of the Vulnerable Software and Affected Versions: Gradle versions prior to 7.2 Description: The issue concerns arbitrary code execution when an attacker can change environment variables for the user running the script. This affects those using gradlew on Unix-like systems or scripts generate...

Advisory ROSA-SA-2021-2001

Software: xdg-utils 1.1.0 OS: Cobalt 7.9 CVE-ID: CVE-2014-9622 CVE-Crit: HIGH CVE-DESC: Eval injection vulnerability in xdg-utils 1.1.0 RC1 in the absence of a supported desktop environment allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. CVE-STATUS:...

Advisory ROSA-SA-2021-1837

Software: fuse 2.9.2 OS: Cobalt 7.9 CVE-ID: CVE-2015-3202 CVE-Crit: HIGH CVE-DESC: fusermount in FUSE before 2.9.3-15 incorrectly clears the environment before calling 1 mount or 2 umount as root user, which allows local users to write arbitrary files via a created environment variable...

CVE-2021-31838 Command injection through environment variable in MVISION EDR

A command injection vulnerability in MVISION EDR MVEDR prior to 3.4.0 allows an authenticated MVEDR administrator to trigger the EDR client to execute arbitrary commands through PowerShell using the EDR functionality 'execute reaction'...

Updated docker-containerd packages fix security vulnerability

In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image may receive incorrect...

curl: CVE-2021-22925: TELNET stack contents disclosure again

Summary: CVE-2021-22898: TELNET stack contents disclosure 1176461 issue was recently reported for curl and it was addressed in curl 7.77.0: https://curl.se/docs/CVE-2021-22898.html https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde https://hackerone.com/reports/1176461...

slopShell - The Only Php Webshell You Need

php webshell Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need 2 things, a victim that allows php file uploadyourself, in an educational environment and a way to send http requests to this webshell. Basic Usage VideoHosted on Youtube: Current VT Detection...

CVE-2021-32638

Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

CVE-2021-32638

Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

Design/Logic Flaw

Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

CVE-2021-32638 CodeQL runner: Command-line options that make GitHub access tokens visible to other processes are now deprecated

Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

GHSA-F8FH-8RGM-227H OS Command Injection in node-prompt-here

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The runCommand is called by getDevices function in file linux/manager.js, which is required by the index. process.env.NMCLI in the file linux/manager.js. This function is used to construct the argument of function execSync,...

Forced Browsing in Twisted

Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...

SUSE: Security Advisory (SUSE-SU-2016:2904-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...