205 matches found
CVE-2020-5282
CVE-2020-5282 affects Nick Chan Bot prior to version 1.0.0-beta, where the npm command within the bot can lead to arbitrary shell execution. The root cause is unfiltered input to OS command construction, enabling code execution and potential compromise of the bot. References in multiple sources c...
DEBIAN-CVE-2020-9760
An issue was discovered in WeeChat before 2.7.1 0.3.4 to 2.7 are affected. When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick...
UBUNTU-CVE-2020-9760
An issue was discovered in WeeChat before 2.7.1 0.3.4 to 2.7 are affected. When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick...
Talos Takes back with new episode, feed
By Jon Munshaw. Talos Takes, our new bite-size podcast, is back with its own feed and a new show. We first unveiled Talos Takes in early December, and took some time to develop a new Talos Podcasts page to accommodate Talos Takes and Beers with Talos. Now you have two Talos shows you can subscrib...
Huawei EulerOS: Security Advisory for irssi (EulerOS-SA-2019-2477)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4110-2 dovecot vulnerability
USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to caus...
USN-4110-1 dovecot vulnerability
Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
Applocker Evasion - Microsoft Workflow Compiler
This module will assist you in evading Microsoft Windows Applocker and Software Restriction Policies. This technique utilises the Microsoft signed binaries Microsoft.Workflow.Compiler.exe to execute user supplied code. This module requires Metasploit: https://metasploit.com/download Current sourc...
Debian: Security Advisory (DLA-1660-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1660-1] rssh security update
Package : rssh Version : 2.3.4-4+deb8u2 CVE ID : CVE-2019-3463 CVE-2019-3464 More vulnerabilities were found by Nick Cleaton in the rssh code that could lead to arbitrary code execution under certain circumstances. CVE-2019-3463 reject rsync --daemon and --config command-line options; arbitrary...
CVE-2018-19927
Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zFormsavechanges sipnick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases...
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
In a memorable scene from “Jumpin’ Jack Flash,” Whoopi Goldberg struggles to understand the lyrics of the eponymous song from the Rolling Stones, as she pleads: “Mick, Mick, Mick, speak English!” It appears that multiple operating system vendors had similar trouble interpreting Intel and AMD...
RHEL 6 : kernel-rt (RHSA-2018:1354)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1354 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Debian DSA-4196-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...