The vulnerability of the FilesystemHandler component in Linux operating systems allows attackers to influence the integrity and confidentiality of data.

The vulnerability of the FilesystemHandler component in Linux operating systems is related to deficiencies in path name validation for restricted-access directories. Exploiting this vulnerability could allow an attacker to influence the integrity and confidentiality of data...

CVE-2020-28971

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie, because of insufficient validation of URI paths...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)

This update for java-180-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...

Security update for java-1_8_0-openjdk (moderate)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2048-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

openSUSE Security Update : java-11-openjdk (openSUSE-2020-1984)

"This update for java-11-openjdk fixes the following issues : - Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 - New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector - Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling ...

SUSE-SU-2020:3359-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

SUSE-SU-2020:3310-1 Security update for java-1_7_0-openjdk

This update for java-170-openjdk fixes the following issues: - Update to 2.6.24 - OpenJDK 7u281 October 2020 CPU, bsc1177943 Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts +...

librepo security update

1.8.1-8 - Validate paths read from repomd.xml RhBug: 1866500...

RHEL 7 : librepo (RHSA-2020:5012)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5012 advisory. The librepo library provides a C and Python API to download repository metadata. Security Fixes: librepo: missing path validation in repomd.xml may...

SUSE-SU-2020:3159-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

Elevation of Privilege Vulnerability in Crash Reporter Component of Multiple Apple Products

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. tvOS is an operating system for smart TVs. An elevation of privilege vulnerability exists in the Crash Reporter component in Apple iOS before 13.6, iPadOS before 13.6, tvOS before 13.4....

Fedora 32 : 1:java-1.8.0-openjdk (2020-a405eea76a)

New in release OpenJDK 8u272 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk8u272 - https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt New features - JDK-8245468: Add TLSv1.3...

Elevation of Privilege Vulnerability in the sysdiagnose Component of Multiple Apple Products

Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system for mobile devices.Apple tvOS is an operating system for smart TVs.Apple tvOS is an operating system...

Fedora 31 : 1:java-11-openjdk (2020-421f817e5f)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

Fedora 32 : 1:java-11-openjdk (2020-fdc79d8e5b)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

CVE-2020-9782

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files...

CVE-2020-9782

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files...

CVE-2020-9782

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files...

Fedora 33 : 1:java-11-openjdk (2020-845860fd4f)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

CVE-2020-9901

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges...