jenkins: Stored XSS vulnerability in queue item tooltip

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executor...

UBUNTU-CVE-2019-18179

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn'...

kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation

A flaw was found in the way the Linux kernel's networking subsystem handled the write queue between TCP disconnection and re-connections. A local attacker could use this flaw to trigger multiple use-after-free conditions potentially escalating their privileges on the system...

RancherOS < 1.5.3 Multiple Vulnerabilities (SACK Panic)

The remote host is running a version of RancherOS prior to v1.5.3, hence is exposed to multiple vulnerabilities: - Linux Kernel is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. CVE-2019-11477 - RancherOS is vulnerable t...

CVE-2019-10584

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2019-10584

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2019-10584

CVE-2019-10584 affects Qualcomm/Snapdragon components (Snapdragon Auto, Compute, Connectivity, Consumer IOT/Industrial IOT, Mobile, Wearables, etc.) with an out-of-bounds access in the debug queue when the packet size field is corrupted. The issue is documented across multiple vendors, including ...

Cisco IOS XE Software Switch Integrated Security Features IPv6 DoS (cisco-sa-20180328-sisf)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the Switch Integrated Security Features due to incorrect handling of crafted IPv6 packets. An unauthenticated, remote attacker can exploit this, by sending crafted IPv6 packets to...

IBM MQ and IBM MQ Appliance Denial of Service Vulnerability (CNVD-2019-46452)

IBM MQ IBM WebSphere MQ and IBM MQ Appliance are both products of IBM Corporation, U.S.A. IBM MQ is a messaging middleware product. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA.IBM MQ Appliance is an all-in-one appliance for rapid...

Memory Leaks

kubernetes is vulnerable to memory leaks. If an event in the queue takes a long time expire, the previous nextReadyAt timers will pile up and the memory will potentially be exhausted, resulting in an application crash...

DEBIAN-CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...

UBUNTU-CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...

kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation

A flaw was found in the way the Linux kernel's networking subsystem handled the write queue between TCP disconnection and re-connections. A local attacker could use this flaw to trigger multiple use-after-free conditions potentially escalating their privileges on the system...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to 1 Custom Services in Port Forwarding, 2...

Taking Reputation to Scale: An Iterative Journey with an Agile Approach (Part 2)

In Part 1 of this blog, we shared with you the challenges we had in balancing latency, scalability, and cost for our reputation services. In this blog, we’ll give you some insights into each major iteration along that journey, from the beginning to where we are now. 100 requests per second. Befor...

openSUSE Security Update : qemu (openSUSE-2019-2505)

This update for qemu fixes the following issues : - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp CVE-2018-20126 bsc1119991 - Fix potential DOS in lsi scsi controller emulation CVE-2019-12068 bsc1146873 - Expose taa-no 'feature',...

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVE-2019-16950

An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript...

SUSE-SU-2019:2956-1 Security update for qemu

This update for qemu fixes the following issues: - Remove a backslash '' escape character from 80-qemu-ga.rules bsc1153358 Unlike sles 15 or newer guests, The udev rule file of qemu guest agent in sles 12 sp4 or newer guest only needs one escape character. - Fix use-after-free in slirp...