UBUNTU-CVE-2021-29982

Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox 91 and Thunderbird 91...

Mozilla Firefox < 91.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reporte...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox is vulnerable to a type obfuscation vulnerability that stems from a faulty JIT optimization and a type obfuscation error. A remote attacker could trick a victim into opening a carefully construct...

Mozilla Firefox 缓冲区错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer error vulnerability that stems from incorrect instruction reordering during JIT optimization...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2021-29736)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

CVE-2021-24430

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...

Design/Logic Flaw

The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign. "The attackers behind MosaicLoader created a piece of malware that can deliver any payloa...

Vulnerabilities fixed in Citrix ADC, Gateway and SDWAN WAN-OP

Citrix has fixed vulnerabilities in Citrix ADC formerly NetScaler ADC, Gateway formerly NetScaler Gateway and SDWAN WAN-OP. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data by taking over sessions. To cause a Denial-of-Service, the...

OPENSUSE-SU-2021:1052-1 Security update for fossil

This update for fossil fixes the following issues: fossil 2.16: Add the fossil patch command Improve the fossil ui command to work on check-out directories and remote machines web UI improvements Add fossil bisect run command for improved automation of bisects Improve fossil merge handling of...

OPENSUSE-SU-2021:1050-1 Security update for fossil

This update for fossil fixes the following issues: fossil 2.16: Add the fossil patch command Improve the fossil ui command to work on check-out directories and remote machines web UI improvements Add fossil bisect run command for improved automation of bisects Improve fossil merge handling of...

Security update for fossil (moderate)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1050-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...

Security update for fossil (moderate)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1051-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...

SQL Injection Vulnerability in Zhejiang Dingcheng Network Co.

Zhejiang Dingcheng Network Co., Ltd. is a company with experience in Internet marketing services, the main products are responsive website construction, marketing website construction, website SEO optimization and other Internet marketing basic services. Zhejiang Dingcheng Network Co., Ltd. websi...

Gas griefing attack on the removeUserActiveBlocks function

Handle shw Vulnerability details Impact The consumed gas to remove a user's active block is proportional to the total number of array elements i.e., block numbers. However, the array size can be arbitrarily increased by an attacker with only paying gas fees, causing a gas griefing attack when the...

activeTransactionBlocks are vulnerable to DDoS attacks

Handle pauliax Vulnerability details Impact There is a potential issue in function removeUserActiveBlocks and the for loop inside it. I assume you are aware of block gas limits they may be less relevant on other chains but still needs to be accounted for, so as there is no limit for...

Advanced SystemCare Ultimate Elevation of Privilege Vulnerability (CNVD-2021-57453)

Advanced SystemCare Ultimate, a Windows optimization suite from Iobit that analyzes system performance bottlenecks, is vulnerable to an elevation of privilege vulnerability in Advanced SystemCare Ultimate version 14.2.0.220. A local attacker can exploit this vulnerability by sending a malicious I...

Advanced SystemCare Ultimate Elevation of Privilege Vulnerability (CNVD-2021-57452)

Advanced SystemCare Ultimate, a Windows optimization suite from Iobit that analyzes system performance bottlenecks, is vulnerable to an elevation of privilege vulnerability in Advanced SystemCare Ultimate version 14.2.0.220. A local attacker can exploit this vulnerability by sending a malicious I...

Advanced SystemCare Ultimate Elevation of Privilege Vulnerability (CNVD-2021-57451)

Advanced SystemCare Ultimate is a Windows optimization suite from Iobit that analyzes system performance bottlenecks. advanced SystemCare Ultimate version 14.2.0.220 contains an elevation of privilege vulnerability. An attacker can exploit the vulnerability by sending a malicious I/O request pack...