[SECURITY] Fedora 30 Update: zsh-5.7.1-6.fc30

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

Fedora: Security Advisory for zsh (FEDORA-2020-9009363f0f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-0583

Improper access control in the subsystem for IntelR Smart Sound Technology may allow an authenticated user to potentially enable escalation of privilege via local access. This affects Intel® Smart Sound Technology before versions: 10th Generation Intel® Core™ i7 Processors, version 3431 and 8th...

[SECURITY] Fedora 31 Update: zsh-5.7.1-6.fc31

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

AMD is seeking to downplay side-channel attacks that can leak potentially sensitive data from its processors released between 2011 and 2019. The “Take A Way” attack, so-called by researchers with the Graz University of Technology in a new analysis this weekend, is a side-channel attack...

Cross-site Scripting (XSS)

ckeditor4 is vulnerable to cross-site scripting XSS. The attack exists because HTML Data Processor does not discard the comment with ckeprotected syntax, allowing an attacker to inject malicious script with that syntax...

CKEditor cross-site scripting vulnerability (CNVD-2020-16705)

CKEditor is an open source WYSIWYG text editor specialized for use on web pages. A cross-site scripting vulnerability exists in the "HTML Data Processor" in CKEditor. The vulnerability can be exploited by remote attackers to inject arbitrary web scripts via specially crafted "protected" comments...

CVE-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

CVE-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

Cross site scripting

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

UBUNTU-CVE-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US

No description provided...

Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-30553 Potential Impact: Information disclosure, escalation of privilege Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0551, CVE-2020-0561 Summary Description: Intel reported potential security vulnerabilities in some Intel Processors that m...

CVE-2020-9281

CVE-2020-9281 is an XSS in CKEditor’s HTML Data Processor that allows remote script execution via a crafted protected comment (CKEditor syntax cke_protected). Affected are CKEditor 4.0–before 4.14. IBM DOORS/DOORS Web Access bullets include this CVE and note remediation: upgrade to CKEditor 4.17....

CVE-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

PT-2020-4408 · Cksource +2 · Ckeditor +2

Name of the Vulnerable Software and Affected Versions: CKEditor versions 4.0 through 4.14 Description: A cross-site scripting XSS issue exists due to insufficient input validation in the HTML Data Processor for CKEditor. This allows remote attackers to inject arbitrary web script through a crafte...

CVE-2020-3190

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...

Design/Logic Flaw

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...

CVE-2020-3190 Cisco IOS XR Software IPsec Packet Processor Denial of Service Vulnerability

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...

Cisco IOS XR Software IPsec Packet Processor Denial of Service Vulnerability

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...