Fedora: Security Advisory for golang-github-google-pprof (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-google-pprof-0-16.20210802gitc50bf4f.fc35

Pprof is a tool for visualization and analysis of profiling data. Pprof reads a collection of profiling samples in profile.proto format and generates reports to visualize and help analyze the data. It can generate both text and graphical reports through the use of the dot visualization package...

Fedora: Security Advisory for golang-github-google-pprof (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-google-pprof-0-16.20210802gitc50bf4f.fc36

Pprof is a tool for visualization and analysis of profiling data. Pprof reads a collection of profiling samples in profile.proto format and generates reports to visualize and help analyze the data. It can generate both text and graphical reports through the use of the dot visualization package...

You can be tracked online using your Chrome browser extensions

A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and then use that fingerprint to track you online. Fingerprinting is a way of figuring out what makes your device unique and then using that to identify you as you move around the...

Malicious code in mattermost-webapp-profiling (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0507ee66265c1781e45307f46fd6db9ec8af3481f25b080e9f3d8a628ad350b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4507 Malicious code in mattermost-webapp-profiling (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0507ee66265c1781e45307f46fd6db9ec8af3481f25b080e9f3d8a628ad350b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2022-4876 · Qualcomm · Snapdragon Mobile +1

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Connectivity and Snapdragon Mobile affected versions not specified Description: The issue is related to memory corruption in graphics due to a use-after-free error while graphics profiling. This can potentially allow an...

CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

Heap overflow

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-35105

CVE-2021-35105 is a graphics profiling input-validation issue leading to possible out-of-bounds access in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Vision/Music, Wearables). Connected sources attribute the flaw to improper input handling in...

GHSA-R562-M862-63W3 APM Java Agent Local Privilege Escalation

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of...

CVE-2021-37941

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of...

APM Java Agent Security Update

APM Java Agent Local Privilege Escalation issue ESA-2021-29 A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account...

gcc security and bug fix update

8.5.0-3.0.2 - Fix Orabug 33451471 and backport CTF/BTF enhancements ctfc: Free CTF container elements in ctfcdeletecontainer ctf: Do not warn for CTF not supported for GNU GIMPLE ICE in btffinalize when compiling with -gbtf PR debug/102507, Orabug 33451471 Reviewed-by: Jose E. Marchesi 8.5.0-3.0....

Wallarm API Firewall outperforms Nginx in a production environment

Wallarm API Firewall is a free light-weighted API Firewall that protects your API endpoints in cloud-native environments with API schema validation. Wallarm API Firewall relies on a positive security model allowing calls that match a predefined API specification, while rejecting everything else...

SolarWinds Orion Platform SQL Injection Vulnerability

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and profiling of network devices and supports custom web interfaces, multiple user opinions, and map-based browsing of the entire network. The...