SUSE-SU-2021:4063-1 Security update for icu.691

This update for icu.691 fixes the following issues: - Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. jscSLE-17893 - Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder' - Update to release 69.1 - For Norwegian, 'no' is back to being the canonical code, with 'nb' treated as...

ALSA-2021:4201 Moderate: babel security and bug fix update

Babel provides tools to build and work with gettext message catalogs, and a Python interface to the CLDR Common Locale Data Repository, providing access to various locale display names, localized number and date formatting, etc. Security Fixes: python-babel: Relative path traversal allows attacke...

Hackers Using Squirrelwaffle Loader to Deploy Qakbot and Cobalt Strike

A new spam email campaign has emerged as a conduit for a previously undocumented malware loader that enables the attackers to gain an initial foothold into enterprise networks and drop malicious payloads on compromised systems. "These infections are also used to facilitate the delivery of...

SquirrelWaffle Loader Malspams, Packs Qakbot, Cobalt Strike

SquirrelWaffle, a new malware loader, is mal-spamming malicious Microsoft Office documents to deliver Qakbot malware and the penetration-testing tool Cobalt Strike – two of the most common threats regularly observed targeting organizations around the world. Cisco Talos researchers said on Tuesday...

October 5, 2021, update for Office 2016 (KB4462197)

October 5, 2021, update for Office 2016 KB4462197 This article describes update 4462197 for Microsoft Office 2016 that was released on October 5, 2021.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply t...

Incorrect Authorization in TYPO3 extension

The l10nmgr aka Localization Manager extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure translatable fields...

Virtuozzo Hybrid Infrastructure 4.6 (4.6.0-208)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance service providers' operability. The improvements cover compute services, object storage, monitoring, security, localization, and the user interface. Additionally, this release delivers stability...

The vulnerability of the India Localization sub-component and the Results component of Oracle Payables in the Oracle E-Business Suite automation system allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the India Localization sub-component and the Results component of Oracle Payables in the Oracle E-Business Suite system are related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the device through HTTP...

CVE-2021-2259

Vulnerability in the Oracle Payables product of Oracle E-Business Suite component: India Localization, Results. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2021-2259

Vulnerability in the Oracle Payables product of Oracle E-Business Suite component: India Localization, Results. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Design/Logic Flaw

Vulnerability in the Oracle Payables product of Oracle E-Business Suite component: India Localization, Results. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2021-2259

CVE-2021-2259 affects Oracle E-Business Suite Payables (India Localization, Results). Affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.10. An attacker with network access via HTTP and low privileges can compromise Oracle Payables, with potential unauthorized creation/deletion/modification of d...

CVE-2021-2259

Vulnerability in the Oracle Payables product of Oracle E-Business Suite component: India Localization, Results. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Payables...

Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication

FireEye Email Security recently encountered various phishing campaigns, mostly in the Americas and Europe, using source code obfuscation with compromised or bad domains. These domains were masquerading as authentic websites and stole personal information such as credit card data. The stolen...

Product release: Virtuozzo Hybrid Infrastructure 4.0 (4.0.0-734)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance the end-user experience and service providers' interoperability. The improvements cover networking, storage core, appliance, object storage, monitoring, performance charts, and localization...

CVE-2020-25025

The l10nmgr aka Localization Manager extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure translatable fields...

Information Disclosure in extension "Localization Manager" (l10nmgr)

A missing access check allows an authenticated backend user to view and export data of translatable fields which are outside of the users access scope resulting in Information Disclosure...

February 10, 2015 update for Office Web Apps Server 2013 (KB2956101)

February 10, 2015 update for Office Web Apps Server 2013 KB2956101 This article describes update KB2956101 for Microsoft Office Web Apps Server 2013 that was released on February 10, 2015. This update has a prerequisite. Improvements and Fixes Improves localization to make sure that the meanings...

Cumulative Update 54 for Microsoft Dynamics NAV 2016 (Build 51811)

Cumulative Update 54 for Microsoft Dynamics NAV 2016 Build 51811 This article applies to Microsoft Dynamics NAV 2016 for all countries and all language locales. An information disclosure vulnerability exists if Microsoft Dynamics Business Central/NAV on-premises does not correctly hide the value ...