Fedora: Security Advisory for golang-starlark (FEDORA-2022-ba365d3703)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-starlark-0-0.7.20210113gite81fc95.fc36

Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

USN-5413-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

Updated mariadb packages fix security vulnerability

InnoDB - --skip-symbolic-links does not disallow .isl file creation MDEV-26870 - Indexed CHAR columns are broken with NOPAD collations MDEV-25440 - insert-intention lock conflicts with waiting ORDINARY lock MDEV-27025 - Crash recovery improvements MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610...

CVE-2021-42000

When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password...

CVE-2021-42000

When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password...

PT-2022-11527 · Ping Identity · Pingfederate

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises when a password reset or password change flow with an authentication policy is configured, and the adapter in the reset or change polic...

Ping Identity PingFederate 安全漏洞

Ping Identity PingFederate is a flagship software-based federation server in the United States. It is used for identity management. PingFederate has a security vulnerability that stems from a faulty password reset process in the software. When a password reset or password modification process wit...

Intel Trace Analyzer And Collector 缓冲区错误漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. Intel Trace Analyzer and Collector suffers from a buffer error vulnerability that stems from a potential security flaw in Intel Trace Analyzer and...

Intel Trace Analyzer And Collector 缓冲区错误漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. Intel Trace Analyzer and Collector suffers from a buffer error vulnerability that stems from a potential security flaw in Intel Trace Analyzer and...

Denial of Service in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. - Vulnerability ID: OTF-012 - Vulnerability type: Denial of Service - Threat level: Moderate Description: The receive mode...

[SECURITY] Fedora 33 Update: medusa-2.2-14.20181216git292193b.fc33

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

[SECURITY] Fedora 34 Update: medusa-2.2-17.20181216git292193b.fc34

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

gcc security and bug fix update

8.5.0-3.0.2 - Fix Orabug 33451471 and backport CTF/BTF enhancements ctfc: Free CTF container elements in ctfcdeletecontainer ctf: Do not warn for CTF not supported for GNU GIMPLE ICE in btffinalize when compiling with -gbtf PR debug/102507, Orabug 33451471 Reviewed-by: Jose E. Marchesi 8.5.0-3.0....

LeakDB - Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search

LeakDB is a tool set designed to allow organizations to build and deploy their own internal plaintext "Have I Been Pwned"-like service. The LeakDB tool set can normalize, deduplicate, index, sort, and search leaked data sets on the multi-terabyte-scale, without the need to distribute large files ...

[SECURITY] Fedora 34 Update: condor-8.8.15-1.fc34

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

WARCannon - High Speed/Low Cost CommonCrawl RegExp In Node.js

WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl data Easily load Common Crawl datasets for parallel processing Scale compute capabilities to asynchronously crunch through WARCs at...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 PoC Introdução Este é um exploit para o CV...

PT-2021-8251 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the io init wq offload function of the Linux kernel's io uring component. This leak occurs when io uring enter is called in parallel, causing t...