6347 matches found
CVE-2020-24473
CVE-2020-24473 describes an out-of-bounds write in the BMC firmware of Intel Server Boards/Systems/Compute Modules. The issue affects versions before 2.48.ce3e3bd2 and could allow an authenticated local user to escalate privileges. Intel’s advisory INTEL-SA-00476 corroborates this CVE and provide...
Remote Code Execution (RCE)
zope is vulnerable to remote code execution. The vulnerability exists due to untrusted modules available indirectly through Python modules...
SUSE: Security Advisory (SUSE-SU-2018:1760-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0597-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Zope RCE Vulnerability (GHSA-rpcg-f9q6-2mq6)
Zope is prone to a remote code execution RCE vulnerability via a traversal in TAL expressions. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE: Security Advisory (SUSE-SU-2017:0606-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1784-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote Code Execution via traversal in TAL expressions
This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Impact Most Python modules are not available for using in TAL expressions that you can add...
CVE-2021-32674
Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...
Design/Logic Flaw
Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...
CVE-2021-32674
Zope TAL expression traversal vulnerabilities allow untrusted code execution when Zope Page Templates are edited by web users with sufficient permissions. Affected: Zope open-source web application server; root cause: TAL expression evaluation can indirectly access untrusted Python modules. Impac...
CVE-2021-32674 Remote Code Execution via traversal in TAL expressions
Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...
xen/arm: Boot modules are not scrubbed
ISSUE DESCRIPTION The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the allocator. Unfortunately, i...
Zope 路径遍历漏洞
Zope is a set of object-oriented, open source web application servers written in the Python language from the Zope ZOPE community. Zope suffers from a path traversal vulnerability that stems from the fact that untrusted modules can be obtained indirectly through Python modules that can be used...
Update of nginx-mod-http-image-filter, nginx-mod-http-geoip, nginx-mod-http-perl, nginx, nginx-filesystem, nginx-mod-stream, nginx-mod-http-xslt-filter, nginx-mod-mail, nginx-all-modules
...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0840-1 Rating: important References: 1186458 Cross-References: CVE-2021-21212 CVE-2021-30521 CVE-2021-30522 CVE-2021-30523 CVE-2021-30524 CVE-2021-30525 CVE-2021-30526 CVE-2021-30527 CVE-2021-30528...
libtpms stack corruption vulnerability
libtpms is an application. Library that provides software emulation of trusted platform modules TPM 1.2 and TPM 2.0. libtpms has a security vulnerability that stems from a stack corruption bug that could lead to SIGBUS bad memory access and termination of swtpm. No detailed vulnerability details...
openSUSE Security Update : chromium (openSUSE-2021-825)
This update for chromium fixes the following issues : Chromium 91.0.4472.77 boo1186458 : - Support Managed configuration API for Web Applications - WebOTP API: cross-origin iframe support - CSS custom counter styles - Support JSON Modules - Clipboard: read-only files support - Remove...
metasploit-framework
This repository is an offensive tool for Metasploit Framework. The Metasploit Framework is a powerful tool for penetration testing and vulnerability assessment. It provides a comprehensive platform for identifying and exploiting vulnerabilities in various systems and applications. The framework...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0825-1 Rating: important References: 1186458 Cross-References: CVE-2021-21212 CVE-2021-30521 CVE-2021-30522 CVE-2021-30523 CVE-2021-30524 CVE-2021-30525 CVE-2021-30526 CVE-2021-30527 CVE-2021-30528...