Fedora: Security Advisory for libtpms (FEDORA-2021-caf9e04ef1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This...

CVE-2020-4863

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566...

Cross site scripting

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435...

OPENSUSE-SU-2021:0373-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-08 bsc1182614 CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0676-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.8.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2021-08 bsc1182614 - CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redire...

SUSE-SU-2021:0628-1 Security update for salt

This update for salt fixes the following issues: - Fix regression on cmd.run when passing tuples as cmd bsc1182740 - Allow extrafilerefs as sanitized kwargs for SSH client - Fix errors with virt.update - Fix for multiple for security issues CVE-2020-28243 CVE-2020-28972 CVE-2020-35662 CVE-2021-31...

[SECURITY] Fedora 32 Update: mingw-wavpack-5.4.0-1.fc32

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

[SECURITY] Fedora 33 Update: mingw-wavpack-5.4.0-1.fc33

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

CVE-2020-28599

A stack-based buffer overflow vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2020-28599

A stack-based buffer overflow vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2020-28599

A stack-based buffer overflow vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

Code injection

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...

CVE-2021-20443

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...

Advantech WebAccess/SCADA 路径遍历漏洞

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local file inclusion vulnerability...

OPENSUSE-SU-2021:0277-1 Security update for librepo

This update for librepo fixes the following issues: - Upgrade to 1.12.1 + Validate path read from repomd.xml bsc1175475, CVE-2020-14352 - Changes from 1.12.0 + Prefer mirrorlist/metalink over baseurl rh1775184 + Decode package URL when using for local filename rh1817130 + Fix memory leak in...

Cross site scripting

An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

Service Update 0.24 for Microsoft Dynamics 365 9.0

Service Update 0.24 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.24 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.24. MORE INFORMATION Update package| Version number ---|---...

Microsoft Dynamics 365 (on-premises) Update 2.26

Microsoft Dynamics 365 on-premises Update 2.26 Introduction Service Update 2.26 for Microsoft Dynamics CRM on-premises 8.2 is now available. This article describes the hotfixes and updates that are included in Service Update 2.26. More information Update package| Version number ---|--- Microsoft...

SmartFoxServer 2X 2.17.0 Remote Code Execution

SmartFoxServer 2X 2.17.0 God Mode Console Remote Code Execution Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6 SmartFoxServer 2X, Pro, Basic Summary: SmartFoxServer SFS is a comprehensive SDK for rapidly developing...