Security update for isync (moderate)

openSUSE Security Update: Security update for isync Announcement ID: openSUSE-SU-2021:1185-1 Rating: moderate References: 1186939 Cross-References: CVE-2021-3578 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for...

Security update for dbus-1 (moderate)

openSUSE Security Update: Security update for dbus-1 Announcement ID: openSUSE-SU-2021:2810-1 Rating: moderate References: 1172505 Cross-References: CVE-2020-12049 CVSS scores: CVE-2020-12049 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-12049 SUSE: 5.5...

Security update for openexr (important)

openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2021:2793-1 Rating: important References: 1188457 1188458 1188459 1188460 1188461 1188462 Cross-References: CVE-2021-20298 CVE-2021-20299 CVE-2021-20300 CVE-2021-20302 CVE-2021-20303 CVE-2021-20304 CVE-2021-3476 CV...

Attackers use Morse code, other encryption methods in evasive phishing campaign

Cybercriminals attempt to change tactics as fast as security and protection technologies do. During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation...

Attackers use Morse code, other encryption methods in evasive phishing campaign

Cybercriminals attempt to change tactics as fast as security and protection technologies do. During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation...

Recommended update for seamonkey (low)

openSUSE Security Update: Recommended update for seamonkey Announcement ID: openSUSE-SU-2021:1129-1 Rating: low References: Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update ships seamonkey to openSUSE Leap 15.3...

Security update for linuxptp (important)

openSUSE Security Update: Security update for linuxptp Announcement ID: openSUSE-SU-2021:1102-1 Rating: important References: 1187646 Cross-References: CVE-2021-3570 CVSS scores: CVE-2021-3570 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3570 SUSE: 8.8...

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

CVE-2021-21865

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

DEBIAN-CVE-2021-32810

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never...

UBUNTU-CVE-2021-32810

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never...

PT-2021-7767 · 3S Smart Software Solutions · Codesys Development System

Name of the Vulnerable Software and Affected Versions: CODESYS Development System version 3.5.16 Description: A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality. This vulnerability can be triggered by a specially crafted file, leadin...

3s-smart Software Solutions CODESYS Development System 代码问题漏洞

3s-smart Software Solutions CODESYS Development System is a set of programming tools for the field of industrial controllers and automation technology from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A code issue vulnerability exists in the PackageManagement.plugin...

Security update for icinga2 (moderate)

openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2021:1089-1 Rating: moderate References: Cross-References: CVE-2020-29663 CVE-2021-32739 CVE-2021-32743 CVSS scores: CVE-2020-29663 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29663 SUSE: 5.3...

Unspecified Vulnerability in IBM QRadar SIEM (CNVD-2021-52959)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2021:2393-1 Rating: important References: 1188275 Cross-References: CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 CVSS scores: CVE-2021-30547 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected...

CVE-2020-4980

IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539...

Security Bulletin: IBM QRadar SIEM uses less secure methods for securing data at rest and in transit between hosts (CVE-2020-4980)

Summary IBM QRadar SIEM uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. Vulnerability Details CVEID: CVE-2020-4980 DESCRIPTION: IBM QRadar SIEM uses less secure methods for protecting data in transit betwe...

Security update for nodejs14 (important)

openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:2354-1 Rating: important References: 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3...

Security update for nodejs12 (important)

openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:2327-1 Rating: important References: 1183851 1183852 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVE-2021-3449 CVE-2021-3450 CVSS scores:...