[SECURITY] Fedora 32 Update: eclipse-m2e-core-1.16.1-1.fc32

The goal of the m2ec project is to provide a first-class Apache Maven suppo rt in the Eclipse IDE, making it easier to edit Maven's pom.xml, run a build f rom the IDE and much more. For Java developers, the very tight integration with JDT greatly simplifies the consumption of Java artifacts eithe...

[SECURITY] Fedora 32 Update: eclipse-emf-2.22.0-2.fc32

The Eclipse Modeling Framework EMF and XML Schema Definition XSD plug-i ns...

Lock and Code S1Ep14: Uncovering security hubris with Adam Kujawa

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Adam Kujawa, security evangelist and director of Malwarebytes Labs, about "security hubris," the simple phenomenon in which businesses are less secure th...

coredns cri-o cri-tools etcd flannel kata kata-agent kata-image kata-ksm-throttler kata-proxy kata-runtime kata-shim kubernetes kubernetes-cni kubernetes-cni-plugins kubernetes-dashboard olcne yq security update

coredns 1.3.1-1.0.6 - Address CVE-2020-16845 1.3.1-1.0.5 - Fix image location cri-o 1.14.7-1.0.8 - Address CVE-2020-16845 cri-tools 1.14.0-1.0.6 - Address CVE-2020-16845 etcd 3.3.10-1.0.5 - Address CVE-2020-16845 3.3.10-1.0.4 - Fix image location flannel 0.10.0-2.1.12 - Address CVE-2020-16845...

kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update

kubernetes 1.12.10-1.0.15 - Address CVE-2020-16845 kubeadm-ha-setup 0.0.2-1.0.73 - Fix update to coredns image tag 0.0.2-1.0.72 - Address CVE-2020-16845 kubernetes-cni 0.7.1-1.0.3 - Pin min version of cni-plugins kubernetes-cni-plugins 0.8.6-1.0.3 - Address CVE-2020-16845...

Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5825)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5825 advisory. - Address CVE-2020-16845 kubeadm-ha-setup - Address CVE-2020-16845 kubernetes-cni Tenable has extracted the preceding description block directly from the Oracle...

Sitadel

This is a web application security scanner called Sitadel, which is an update for WAScan making it compatible with Python 3.4 and above. It allows for more flexibility in writing new modules and implementing new features, such as frontend framework detection, content delivery network detection, a...

CVE-2020-20634

Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog...

CVE-2020-20634

Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog...

CVE-2020-20634

Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog...

PT-2020-15277 · Elementor · Elementor

Name of the Vulnerable Software and Affected Versions: Elementor versions 2.9.5 and below Description: The issue allows authenticated users to activate the safe mode feature, which can be exploited to disable all security plugins on the blog. Recommendations: For versions 2.9.5 and below, update ...

Cross-Site Scripting (XSS)

jenkins-2-plugins/matrix-project is vulnerable to cross-site scripting XSS in multiple axis builds tooltips...

Foxit Reader 3.1.0.0111 < 3.2 Privilege Escalation (macOS)

The version of Foxit Reader for Mac installed on the remote macOS host is 3.1.0.0111. It is, therefore, affected by a privilege escalation vulnerability due to incorrect permission setting. An attacker could exploit this by modifying the dynamic libraries in the Plugins directory. Note that Nessu...

CVE-2020-17480

TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...

BurpSuite-collections

有关burpsuite的插件非商店,文章以及使用技巧的收集此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载---Collection of burpsuite plugins non-stores, articles and tips for using Burpsuite, no crack version file...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.5.4 jenkins-2-plugins security update

An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHEL 7 : OpenShift Container Platform 4.5.4 jenkins-2-plugins (RHSA-2020:3207)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3207 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

Important: Red Hat Security Advisory: Container-native Virtualization security, bug fix, and enhancement update

Red Hat OpenShift Virtualization release 2.4.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...

CVE-2020-15593

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC Inter-Process Communicati...

Directory traversal

SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privilege Escalation via a crafted file. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes...