152 matches found
CVE-2020-6806
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...
The vulnerability of Intel Graphics Drivers’ installers is related to incorrect default resolutions, which allow attackers to exploit their privileges.
The vulnerability of Intel Graphics Drivers’ installers is related to incorrect default resolutions. Exploiting this vulnerability can allow attackers to increase their privileges...
Mozilla: BodyStream:: OnInputStreamReady was missing protections against state confusion
The Mozilla Foundation Security Advisory describes this flaw as: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash...
Mozilla: BodyStream:: OnInputStreamReady was missing protections against state confusion
The Mozilla Foundation Security Advisory describes this flaw as: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash...
CVE-2020-6806
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...
[SECURITY] Fedora 31 Update: libasr-1.0.4-1.fc31
Libasr allows to run DNS queries and perform hostname resolutions in a fully asynchronous fashion. The implementation is thread-less, fork-less, and doe s not make use of signals or other "tricks" that might get in the developer's way. The API was initially developed for the OpenBSD operating...
Fedora: Security Advisory for libasr (FEDORA-2020-270ef80e9e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
250 Million Microsoft Customer Support Records Exposed Online
If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million "Customer Service and Support" CSS records on...
Product update: Virtuozzo Infrastructure Platform 3.0 Update 4 (3.0.4-63)
This update provides bug fixes and improvements. Vulnerability id: VSTOR-26618, VSTOR-27446 Update Storage config files could be overwritten during the update. Vulnerability id: VSTOR-26621 Storage CS removal could get stuck in the "failed release" state. Vulnerability id: VSTOR-26764, VSTOR-2683...
The vulnerability of the kscreen utility for supporting multiple monitor configurations in the Astra Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kscreen utility for supporting multiple monitors in the Astra Linux operating system is related to scaling errors when changing screen resolutions. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
Cross site request forgery (csrf)
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
python36:3.6 security update
python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...
Sandbox Restrictions Bypass
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Fedora 28 : firefox (2019-a51d6c2384)
Updated to latest upstream 66.0.2 - Fixed BlueJeans playback issues Bug 1691831 ---- - Wayland popup menu/ tooltip fixes mozbz1539471 ---- - New upstream version with Pwn2Own security fixes - Details at https://www.mozilla.org/en-US/firefox/66.0.1/releasenote s/ Note that Tenable Network Security...
java-1.8.0-openjdk security update
1:1.8.0.181-7.b13 - Update to aarch64-jdk8u181-b13. - Remove 8187577/PR3578 now applied upstream. - Resolves: rhbz1594249 1:1.8.0.181-3.b04 - Fix hook to show hserr.log files on failures. - Resolves: rhbz1594249 1:1.8.0.181-3.b04 - Fix requires/provides filters for internal libs. See RHBZ1590796 ...
Dnsmorph - Domain Name Permutation Engine Written In Go
DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs. DNSMORPH includes the following domain...
java-1.8.0-openjdk security update
1:1.8.0.171-7.b10 - Bump release number to be greater than RHEL 7.6 package to allow build with .el7 suffix - Resolves: rhbz1559766 1:1.8.0.171-4.b10 - Rebuilding due to bad nss-softokn brew-root build override - Resolves: rhbz1559766 1:1.8.0.171-3.b10 - Fix jconsole.desktop.in subcategory,...