16974 matches found
Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.
Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2020-10029 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a denial of service, caused by a stack-based overflow during range reduction. A local...
SUSE SLES12 Security Update : gettext-runtime (SUSE-SU-2021:4060-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:4060-1 advisory. - CVE-2018-18751: Fixed a double free bsc1113719 Tenable has extracted the preceding description block directly from the SUSE security...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
...
OESA-2021-1456 mailman security update
The GNU mailing list manager. Security Fixes: In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes. CVE-2021-44227...
Ubuntu 18.04 LTS : Mailman vulnerability (USN-5180-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5180-1 advisory. It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSR...
Fedora: Security Advisory for kernel (FEDORA-2021-19ad835cb3)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for hydra (FEDORA-2021-ac23d9e47f)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for librecad (FEDORA-2021-fa9e3c23f2)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for vim (FEDORA-2021-5cd9df120e)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for weston (FEDORA-2021-ac23d9e47f)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for vinagre (FEDORA-2021-ac23d9e47f)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Vulnerability fixed in GNU Mailman
The developers of GNU Mailman have fixed a vulnerability in GNU Mailman. The vulnerability could be abused by a malicious person to perform a Cross-Site Request Forgery (XSRF) on the administrator page. The developers have released updates to fix the vulnerability in GNU Mailman 2.1.3...
HP Printer Buffer Overflow Vulnerability (HPSBPI03749, Printing-Shellz)
Multiple HP printers are prone to a buffer overflow vulnerability dubbed Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...
Oracle Linux 7 : mailman (ELSA-2021-4913)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-4913 advisory. - Fix for CVE-2021-44227 - Fix for CVE-2016-6893 - Fix for CVE-2021-42097 Tenable has extracted the preceding description block directly from the Oracl...
SUSE SLED12 / SLES12 Security Update : gmp (SUSE-SU-2021:3878-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3878-1 advisory. - CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inpraw.c bsc1192717. Tenable has extracted the preceding descripti...
CVE-2021-44227
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...
UBUNTU-CVE-2021-44227
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...
CVE-2021-44227
GNU Mailman 2.1.x prior to 2.1.38 is affected by CVE-2021-44227, allowing a list member or moderator to obtain a CSRF token and craft an admin request that can change settings or reset the admin password, potentially leading to admin takeover. Multiple advisories confirm the issue across distribu...
CVE-2021-44227
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...
GNU Mailman Cross-Site Request Forgery Vulnerability
GNU Mailman is a free suite of software from the GNU community for managing e-mail discussions and e-mail lists. The software integrates with Web projects to make it easy for users to manage email subscription accounts and provides built-in archiving, automatic forwarding processing, content...