152 matches found
The vulnerability of Adobe Premiere Elements software-related video editing programs lies in the creation of temporary files with insecure resolutions, which allows attackers to escalate their privileges.
The vulnerability of Adobe Premiere Elements software-related video editing programs lies in the creation of temporary files with insecure resolutions. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Adobe Creative Cloud Desktop Application, related to the creation of temporary files with insecure resolutions, allows a hacker to trigger a service failure.
The vulnerability of the Adobe Creative Cloud Desktop Application relates to the creation of temporary files with insecure resolutions. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the Adobe Lightroom Classic graphic editor lies in the creation of temporary files with unsafe resolutions, which allows a violator to increase their privileges.
The vulnerability of Adobe Lightroom Classic lies in the creation of temporary files with insecure resolutions. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
Cross-site Scripting (XSS) - Stored in eventum/eventum
Description Multiple Stored XSS in Administration at eventum 3.10.8 Proof of Concept // PoC.payload " Step to Reproduct Goto Administration Areas and choose to feature below Manage News Input payload into fieldTitle Manage Status Input payload into fieldTitle Manage Projects Input payload into...
OPENSUSE-SU-2021:3641-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3772: Fixed sctp vtag check in sctpsfootb bsc1190351. - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have...
SUSE-SU-2021:3640-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3772: Fixed sctp vtag check in sctpsfootb bsc1190351. - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have...
Product Overview: Cynet SaaS Security Posture Management (SSPM)
Software-as-a-service SaaS applications have gone from novelty to business necessity in a few short years, and its positive impact on organizations is clear. It's safe to say that most industries today run on SaaS applications, which is undoubtedly positive, but it does introduce some critical ne...
[SECURITY] Fedora 35 Update: python-pycares-4.0.0-5.fc35
pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously...
OPENSUSE-SU-2021:1199-1 Security update for go1.16
This update for go1.16 fixes the following issues: Update to go1.16.7: - go47473 net/http: panic due to racy read of persistConn after handler panic CVE-2021-36221 bsc1189162 - go47348 cmd/go: 'go list -f '.Stale'' stack overflow with cyclic imports - go47332 time: Timer reset broken under heavy...
MGASA-2021-0339 Updated avahi packages fix a security vulnerability
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahishostnameresolverstart function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this...
OPENSUSE-SU-2021:0715-1 Security update for nagios
This update for nagios fixes the following issues: - new nagios-exec-start-post script to fix boo1003362 - fix nagiosupgrade.sh writing to log file in user controlled directory boo1182398. The nagiosupgrade.sh script writes the logfile directly below /var/log/ nagios was updated to 4.4.6: Fixed M...
CVE-2021-3502
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahishostnameresolverstart function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this...
The vulnerability of Intel Ethernet I210 controller’s microprogramming software, related to errors in the use of standard resolutions, allows a perpetrator to trigger a service failure.
The vulnerability of Intel Ethernet I210 controller’s microprogramming software is related to errors in the use of standard resolutions. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE-SU-2021:0097-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-20934: Fixed a use-after-free in shownumastats because NUMA fault statistics were inappropriately freed, aka CID-16d51a590a8c bsc1179663. -...
Important: Red Hat Bug Fix Advisory: Satellite 6.7.5 Async Bug Fix Update
Updated Satellite 6.7 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clien...
Product release: Virtuozzo Hybrid Infrastructure 4.0 (4.0.0-734)
In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance the end-user experience and service providers' interoperability. The improvements cover networking, storage core, appliance, object storage, monitoring, performance charts, and localization...
squid:4 security update
squid 7:4.4-8.1 - Resolves: 1828368 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow - Resolves: 1828367 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution...
glibc security, bug fix, and enhancement update
2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
DEBIAN-CVE-2020-6806
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...
Design/Logic Flaw
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...