3370 matches found

OPENSUSE Linux
added 2020/10/31 12:0 a.m., 44 views

Security update for pacemaker (important)

openSUSE Security Update: Security update for pacemaker Announcement ID: openSUSE-SU-2020:1782-1 Rating: important References: 1167171 1173668 1175557 1177916 Cross-References: CVE-2020-25654 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has three fixes is now...

CVSS 9, AI score 7.3, EPSS 0.02002
Exploits 0, References 4

OPENSUSE Linux
added 2020/10/24 12:0 a.m., 61 views

Security update for hunspell (low)

openSUSE Security Update: Security update for hunspell Announcement ID: openSUSE-SU-2020:1719-1 Rating: low References: 1151867 Cross-References: CVE-2019-16707 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for hunspell fix...

CVSS 6.5, AI score 6.4, EPSS 0.01656
Exploits 1, References 1

FireEye
added 2020/10/14 12:0 a.m., 47 views

FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft

Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN or financially motivated threat group for the first time since 2017. We have detailed FIN11's various tactics, techniques and procedures in a report that is available now by signing up for Mandiant Advantage Free. In...

AI score 1.3
Exploits 0, References 4

GoogleProjectZero
added 2020/10/06 12:0 a.m., 21 views

Enter the Vault: Authentication Issues in HashiCorp Vault

Posted by Felix Wilhelm, Project Zero. Introduction: In this blog post I'll discuss two vulnerabilities in HashiCorp Vault and its integration with Amazon Web Services (AWS) and Google Cloud Platform (GCP). These issues can lead to an authentication bypass in configurations that use the aws and gcp aut...

CVSS 8.2, AI score 8.7, EPSS 0.01501
Exploits 0

PyPA
added 2020/09/30 9:15 p.m., 6 views

PYSEC-2020-223

In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the...

CVSS 8.1, AI score 6.8, EPSS 0.01976
Exploits 0, References 2, Affected Software 1

Prion
added 2020/09/30 9:15 p.m., 34 views

Design/Logic Flaw

In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the...

CVSS 5.5, AI score 7.8, EPSS 0.01976
Exploits 0, References 1, Affected Software 1

CVE
added 2020/09/30 8:48 p.m., 95 views

CVE-2020-13952

Apache Superset CVE-2020-13952 affects all versions

CVSS 8.1, AI score 7.7, EPSS 0.01976
Exploits 0, References 1, Affected Software 1

Rapid7 Blog
added 2020/09/30 6:57 p.m., 48 views

Exploitability Analysis: Smash the Ref Bug Class

In April 2020, security researcher Gil Dabah published a paper on a set of vulnerabilities he had discovered within the Win32k subsystem of the Windows operating system. These vulnerabilities demonstrated instances of a new class of bugs, dubbed “Smash the Ref.” Dabah’s research included 13 test...

AI score 1.2
Exploits 0

Positive Technologies
added 2020/09/30 12:0 a.m., 2 views

PT-2020-13800 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 0.37.2 Description: The issue allows authenticated users running queries against Hive and Presto database engines to access sensitive information, including the contents of query description metadata database...

CVSS 8.6, AI score 6.9, EPSS 0.01976
Exploits 0, References 9

OSV
added 2020/09/25 2:15 p.m., 2 views

CVE-2020-5930

In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods...

CVSS 7.5, AI score 7.1, EPSS 0.01078
Exploits 0, References 1

Microsoft CVE
added 2020/09/25 7:0 a.m., 3 views

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.

...

CVSS 8.1, AI score 7, EPSS 0.04221
Exploits 1

OPENSUSE Linux
added 2020/09/25 12:0 a.m., 70 views

Security update for libqt4 (moderate)

openSUSE Security Update: Security update for libqt4 Announcement ID: openSUSE-SU-2020:1530-1 Rating: moderate References: 1118595 1118596 1118599 1121214 1176315 Cross-References: CVE-2018-15518 CVE-2018-19869 CVE-2018-19873 CVE-2020-17507 Affected Products: openSUSE Backports SLE-15-SP2 An upda...

CVSS 9.8, AI score 8.5, EPSS 0.03915
Exploits 0, References 5

Ubuntu
added 2020/09/24 1:3 p.m., 75 views

USN-4538-1: PackageKit vulnerabilities

Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16121 Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use...

CVSS 8.2, AI score 5.7, EPSS 0.00462
Exploits 1

RedHat Linux
added 2020/09/23 4:12 p.m., 3 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing <option> elements from untrusted sources is passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 6.9, AI score 6.6, EPSS 0.8383
Exploits 6, References 6

OPENSUSE Linux
added 2020/09/19 12:0 a.m., 41 views

Security update for lilypond (moderate)

openSUSE Security Update: Security update for lilypond Announcement ID: openSUSE-SU-2020:1453-1 Rating: moderate References: 1174949 Cross-References: CVE-2020-17353 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available...

CVSS 9.8, AI score 9.4, EPSS 0.02371
Exploits 0, References 1

OPENSUSE Linux
added 2020/09/19 12:0 a.m., 54 views

Security update for libxml2 (moderate)

openSUSE Security Update: Security update for libxml2 Announcement ID: openSUSE-SU-2020:1465-1 Rating: moderate References: 1176179 Cross-References: CVE-2020-24977 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for libxml2...

CVSS 6.5, AI score 8.2, EPSS 0.03774
Exploits 1, References 1

Kitploit
added 2020/09/18 8:30 p.m., 109 views

Bxss - A Blind XSS Injector Tool

A Blind XSS Injector tool. Features: Inject Blind XSS payloads into custom headers; Inject Blind XSS payloads into parameters; Uses Different Request Methods PUT,POST,GET,OPTIONS all at once; Tool Chaining; Really fast; Easy to setup. Install: $ go get -u github.com/ethicalhackingplayground/bxss Arguments ...

AI score 6.5
Exploits 0, References 1

OPENSUSE Linux
added 2020/09/18 12:0 a.m., 31 views

Security update for mumble (moderate)

openSUSE Security Update: Security update for mumble Announcement ID: openSUSE-SU-2020:1439-2 Rating: moderate References: 1174041 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for mumble fixes the following...

AI score 7.8
Exploits 0

EUVD
added 2020/09/11 5:9 p.m., 8 views

EUVD-2020-12212

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

CVSS 8.8, AI score 8, EPSS 0.03665
Exploits 0, References 1

EUVD
added 2020/09/11 5:9 p.m., 2 views

EUVD-2020-12164

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

CVSS 9.3, AI score 8.6, EPSS 0.03819
Exploits 0, References 1