UBUNTU-CVE-2020-24826

A vulnerability in the elf::section::asstrtab function of Libelfin v0.3 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted ELF file...

GPAC 缓冲区错误漏洞

GPAC is an open source multimedia framework. GPAC has a buffer overflow vulnerability in v0.8.0, which originates from a buffer overflow in gfm2tssectioncomplete in mediatools/mpegts.c. An attacker could use this vulnerability to cause a denial of service DOS via a specially crafted MP4 file...

Libelfin 注入漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. A denial of service vulnerability exists in the elf::section::asstrtab function of Libelfin 0.3. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted ELF file that cause...

KLA12248 Microsoft Advisory (ESU) for Active Directory Certificate Services

Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Microsoft Products Extended Security Update.To prevent NTLM Relay Attacks on networks with NTLM enabled, domain administrators must ensure that services that permit NTLM authenticati...

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description In Bank section the POS part, you don't protect resources from delete with CSRF attacks and then I able to delete/close arbitrary POS cash desk control entities only with knowing their ids. 🕵️‍♂️ Proof of Concept // PoC.html history.pushState'', '', '/' 💥 Impact This vulnerability is...

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description In Bank section the Bank | Cash part, you protect List entities to delete with CSRF attacks but if I set CSRF token to nothings then I able to delete arbitrary List entities only with knowing their ids. 🕵️‍♂️ Proof of Concept // PoC.html history.pushState'', '', '/' input...

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description In Ticket section , you protect tickets from being deleted with CSRF attacks but if I set CSRF token to nothings then I able to delete arbitrary tickets only with knowing their "trackid" parameter. 🕵️‍♂️ Proof of Concept // PoC.html history.pushState'', '', '/' 💥 Impact This...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

KLA12239 PE vulnerability in Microsoft Windows

An elevation of privilege vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2021-36934 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description Attacker able to reopen any Poll in Tools section. 🕵️‍♂️ Proof of Concept // PoC.html https://demo.dolibarr.org/opensurvey/card.php?action=reopen&id=amyra52rg3g4ywzj...

CVE-2020-25444

Cross Site Scripting XSS vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the 1 "About Yourself” section under the “My Profile” page, " 2 “Hotel Policy” field under the “Hotel Details” page, 3 “Pricing code” and “name” fields under the “Manage Tour” page, and 4 all t...

Important: Red Hat Security Advisory: linuxptp security update

An update for linuxptp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Rapid7 Joins Statement On DMCA Lawsuits Against Security Tools

Rapid7 has joined a statement from members of the cybersecurity community cautioning against using Section 1201 of the Digital Millennium Copyright Act DMCA to suppress beneficial security tools. In the past, Rapid7 has written extensively about DMCA Sec. 1201’s impact on performing independent...

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

✍️ Description The faq section of LiveHelperChat can be modified listing some new questions/answers. However, the template is used incorrectly resulting in a CSTI injection which leads to stored XSS. 🕵️‍♂️ Proof of Concept 1. Install the livechat 2. Go on https://your-host.com/siteadmin/faq/view/1...

Important: container-tools:3.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.452 bug fix and security update

Red Hat OpenShift Container Platform release 3.11.452 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a...

SUSE: Security Advisory (SUSE-SU-2019:2902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: qt5-qtimageformats security update

An update for qt5-qtimageformats is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 10.0 (openvswitch) security update

An update for openvswitch is now available for Red Hat OpenStack Platform 10 Newton. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...