CVE-2021-45942

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...

CVE-2021-45944

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampleddatasample called from sampleddatacontinue and interp...

Cosmos: Race condition in faucet when using starport

Hi team, I and Aditya sent this bug over email on Wed, 29 Dec, 17:45 IST. Later we noticed that security reports are accepted via the HackerOne program. So, I am sending a copy of the bug report here. Summary: We were testing an application and we found a race condition bug in the faucet...

Cross-Site Request Forgery (CSRF) in e107inc/e107

Description Hi there e107 team, there is another CSRF on your downloading plugins feature Proof of Concept 1. Install a local instance of e107. 2. Log in as admin 3. Access this link...

CVE-2021-45485

CVE-2021-45485 affects the Linux kernel IPv6 path: net/ipv6/output_core.c exposes an information leak due to how a hash table is used, enabling IPv6 source address-based observation. Impact is partial confidentiality exposure; no integrity/availability impact stated. Affected: Linux kernel prior ...

WP125 < 1.5.5 - Arbitrary Ad Deletion via CSRF

The plugin does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack PoC https://example.com/wp-admin/admin.php?page=wp125addedit=1...

GHSA-G54H-M393-CPWQ devices resource list treated as a blacklist by default

Impact Contrary to the OCI runtime specification, runc's implementation of the linux.resources.devices list was a black-list by default. This means that users who created their own config.json objects and didn't prefix a deny-all rule "allow": false, "permissions": "rwm" or equivalent were not...

devices resource list treated as a blacklist by default

Impact Contrary to the OCI runtime specification, runc's implementation of the linux.resources.devices list was a black-list by default. This means that users who created their own config.json objects and didn't prefix a deny-all rule "allow": false, "permissions": "rwm" or equivalent were not...

Heap-based Buffer Overflow in allinurl/goaccess

Description Good evening, I hope you're doing well during these challenging times. During recent research, we discovered a heap-buffer-overflow vulnerability impacting countinvalid on line 555 of src/gstorage.c. It appears that this is caused by an excessive number of invalid log strings combined...

CVE-2021-44038

An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users with control of the non-root-owned directory /etc/quagga to escalate their privileges to root upon package installation or update...

Windows 10 Privilege-Escalation Zero-Day Gets Unofficial Fix

A partially unpatched security bug in Windows that could allow local privilege escalation from a regular user to System remains unaddressed fully by Microsoft – but an unofficial micropatch from oPatch has hit the scene. The bug CVE-2021-34484 was originally disclosed and patched as part of...

container-tools:3.0 security and bug fix update

An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...

CVE-2021-41197

CVE-2021-41197 concerns TensorFlow where treating large tensor shapes can overflow int64, causing a CHECK-failure abort during shape construction (notably in operations like tf.math.segment_, SparseCwise , and depthwise-related paths). The issue is addressed by upstream fixes, with the primary pa...

SUSE-SU-2021:3614-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - Fix out-of-bounds write in UAS USB Attached SCSI device emulation bsc1189702, CVE-2021-3713 - Fix heap use-after-free in virtionetreceivercu bsc1189938, CVE-2021-3748 - usbredir: free call on invalid pointer in bufpalloc...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

rollico.com Cross Site Scripting vulnerability OBB-2224614

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Heap-based Buffer Overflow in hoene/libmysofa

Description The variable st-filtlen in the function speexresamplerresetmem is not checked to see if it is 0 before it is used, and after subtracting one, it becomes 0xffffffff, causing heap overflow Proof of Concept src/mysofa2json -c poc ==30201==ERROR: AddressSanitizer: heap-buffer-overflow on...

Cisco SD-WAN Security Bug Allows Root Code Execution

Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could lead to arbitrary code execution. Cisco’s SD-WAN portfolio allows businesses of all sizes to connect disparate office locations via the cloud using various...

Security update for webkit2gtk3 (important)

openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2021:1369-1 Rating: important References: 1188697 1190701 Cross-References: CVE-2021-21806 CVE-2021-30858 CVSS scores: CVE-2021-21806 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-21806 SUSE:...

SUSE-SU-2021:3353-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.4 - CVE-2021-30858: Fixed a security bug that could allow maliciously crafted web content to achieve arbitrary code execution. bsc1190701 - CVE-2021-21806: Fixed an exploitable use-after-free vulnerability via...