67 matches found
SUSE-SU-2020:3065-1 Security update for sane-backends
This update for sane-backends fixes the following issues: sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices jscECO-2418 jscSLE-15561 jscSLE-15560 and also fix various security issues: - CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write...
webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to...
SUSE-SU-2020:2109-1 Security update for python-rtslib-fb
This update for python-rtslib-fb fixes the following issues: - Update to version v2.1.73 bsc1173257 CVE-2020-14019: version 2.1.73 savetofile: fix fd open mode saveconfig: copy temp configfile with permissions saveconfig: open the temp configfile with modes set Fix 'is not' with a literal...
dhoondal.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1066459 Security Researcher Zodx Helped patch 35 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting dhoondal.com website and its users. Following coordinated a...
nationwide-homes.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1052579 Security Researcher geeknik Helped patch 8826 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting nationwide-homes.com websi...
SUSE-SU-2019:2686-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Updated to version 6.2.7.1. Security issues fixed: - CVE-2019-9854: Fixed unsafe URL assembly flaw bsc1149944. - CVE-2019-9855: Fixed path equivalence handling flaw bsc1149943...
otvoreno.hr Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-982073 Security Researcher zeeshan Helped patch 55 vulnerabilities Received 3 Coordinated Disclosure badges Received 2 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting otvoreno.hr website and its...
UBUNTU-CVE-2019-8683
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may...
qemu security update
15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2019:1374-1 Rating: important References: 1132256 Cross-References: CVE-2019-11070 CVE-2019-6201 CVE-2019-6251 CVE-2019-7285 CVE-2019-7292 CVE-2019-8503 CVE-2019-8506 CVE-2019-8515 CVE-2019-8518 CVE-2019-8523...
SUSE-SU-2019:0936-1 Security update for libvirt
This update for libvirt provides the following fixes: Security issue fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent bsc1127458. Other issues addressed: -...
UBUNTU-CVE-2019-8563
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution...
OPENSUSE-SU-2019:0152-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - Fix FIPS RSA generator bsc1118913 This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2018:2534-1 Security update for compat-openssl097g
This update for compat-openssl097g fixes the following issues: These security issues were fixed: - CVE-2018-0732: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an...
SUSE-SU-2017:2315-1 Security update for libreoffice
LibreOffice was updated to version 5.3.5.2, bringing new features and enhancements: Writer: - New 'Go to Page' dialog for quickly jumping to another page. - Support for 'Table Styles'. - New drawing tools were added. - Improvements in the toolbar. - Borderless padding is displayed. Calc: - New...
Fedora 21 : unzip-6.0-20.fc21 (2015-2035)
Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread 1174844 - Fix CVE-2014-8140 - out-of-bounds write issue in testcompreb 1174851 - Fix CVE-2014-8141 - getZip64Data out-of-bounds read issues 1174856 - Fix buffer overflow on long file sizes 1191136 - CVE-2014-9636 unzip:...
DLA-68-1 fex - security update
Bulletin has no description...
USN-2124-2: OpenJDK 6 regression
USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A vulnerability was discovered in...
Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities
from http://thomaspollet.blogspot.be/2013/11/Palo-Alto-XSS.html : A couple of bugs exist in Palo Alto Networks PANOS These issues have been fixed in PANOS 5.0.9 . Example html source code to CSRF POST a rogue cert : 1. PA: 2. 3. 4. 5. 6. ----------------------------- 7. Content-Disposition:...
Admidio 2.3.5 multiple defects and repair-vulnerability warning-the black bar safety net
Title Admidio 2.3.5 Multiple security vulnerabilities Author Stefan Schurtz Affected Software: Successfully tested on Admidio 2.3.5 Developer website: http://www.admidio.org/ Status: has been fixed Defect summary Admidio 2.3.5-containing XSS and SQLi flaws ================== Test //SQLi...