4 matches found
Security update for libmysofa (moderate)
openSUSE Security Update: Security update for libmysofa Announcement ID: openSUSE-SU-2021:0459-1 Rating: moderate References: 1149919 1149920 1149922 1149924 1149926 1159839 1160040 1181977 1181978 1181979 1181980 1181981 1182883 Cross-References: CVE-2019-16091 CVE-2019-16092 CVE-2019-16093...
Saltstack 3000.1 Remote Code Execution
Exploit Title: Saltstack 3000.1 - Remote Code Execution Date: 2020-05-04 Exploit Author: Jasper Lievisse Adriaanse Vendor Homepage: https://www.saltstack.com/ Version: 3000.2, 2019.2.4, 2017., 2018. Tested on: Debian 10 with Salt 2019.2.0 CVE : CVE-2020-11651 and CVE-2020-11652 Discription:...
glibc security update
2.12-1.212.0.1 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.212 - CVE-2017-15670: glob: Fix one-byte overflow with GLOBTILDE 1504810 - CVE-2017-15804: glob: Fix buffer overflow in GLOBTILDE unescaping 1504810 2.12-1.211 - Avoid large allocas in the dynamic linker 1452717 2.12-1.21...
CVE-2017-11424
In PyJWT 1.5.0 and below the invalidstrings check in HMACAlgorithm.preparekey does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is not accounted for. This enable...