Adobe Fixes Critical ColdFusion Flaw in Emergency Update

In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications. The security alert comes two weeks after Adobe’s regularly-scheduled updates. During these updates, the tech company issued patches for a slew of critica...

USN-4884-1 linux-oem-5.10 vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

USN-4884-1: Linux kernel (OEM) vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

Ubuntu: Security Advisory (USN-4878-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4878-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Ryota Shiga discovered that the sockopt BPF hooks in th...

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling allowing local users to execute code in the kernel aka CID-34b1a1ce1458.

...

January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe

This month’s Microsoft Patch Tuesday addresses 83 vulnerabilities. The 10 Critical vulnerabilities cover Windows codecs, Office, HEVC video extensions, RPC runtime, and several other workstation vulnerabilities. Adobe released patches today for Photoshop, Campaign Classic, InCopy, Illustrator,...

Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content

Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...

GaussDB Kernel: Configure an Audit Priority Policy

Configures the policy for determining whether audit logs are preferentially stored by space or time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

openGauss: Configure an Audit Priority Policy

Configures the policy for determining whether audit logs are preferentially stored by space or time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2020-9299

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user...

CVE-2020-9299

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user...

Cross site scripting

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user...

CVE-2020-9299

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user...

CVE-2020-9299

Technical details are not publicly available in the provided documents. Monitor for updates.

Citrix App Layering 4: LayerPriority Utility

Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Introduction This utility is used to modify the layer priority of App layers. The documentation provided here includes an explanation of...

CVE-2020-27153

In BlueZ before 5.55, a double free was found in the gatttool disconnectcb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...

October 2020 Patch Tuesday – 87 Vulnerabilities, 11 Critical, SharePoint, TCP/IP Stack, Graphics, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 87 vulnerabilities with 11 of them labeled as Critical. The 11 Critical vulnerabilities cover TCP/IP Stack, SharePoint, Windows Camera Codec Pack, Graphics and several other workstation vulnerabilities. Adobe issued patches today for Adobe Flash...

secure.anthroposophy.org Open Redirect vulnerability OBB-1372550

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...