EUVD-2017-4059
Malware in sbrugna...
CVE-2024-26016
A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...
CVE-2024-40640 Usage of non-constant time base64 decoder could lead to leakage of secret key material in vodozemac
vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some...
PT-2023-6027
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M1 through 11.0.0-M11; Apache Tomcat versions 10.1.0-M1 through 10.1.13; Apache Tomcat versions 9.0.0-M1 through 9.0.80; Apache Tomcat versions 8.5.0 through 8.5.93. Description: The issue is related to an Incomplete...
SUSE-SU-2023:3341-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Update to 12.16 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...
Citrix Endpoint Management (aka XenMobile Server) 10.15.0 Rolling Patch 3
Package name: xms10.15.0.10327.bin. For: XenMobile Server 10.15.0. Deployment type: On-premises only. Replaces: xms10.15.0.10220.bin and xms10.15.0.10125.bin. Date: July 2023. Languages supported: English US. Important notes about this update: As a best practice, Citrix recommends that you install this...
SUSE-SU-2023:2572-1 Security update for salt
This update for salt fixes the following issues: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new dependency...
OPENSUSE-SU-2021:1601-1 Security update for log4j
This update for log4j fixes the following issue: - Previously published fixes for log4jshell turned out to be incomplete. Upstream has followed up on the original patch for CVE-2021-44228 with several additional changes LOG4J2-3198, LOG4J2-3201, LOG4J2-3208, and LOG4J2-3211 that are included in...
SUSE-SU-2021:3859-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service bsc1103032. - Update to 0.103.4 bsc1192346. - Update to 0.103.3 bsc1188284...
OPENSUSE-SU-2021:0513-1 Security update for chromium
This update for chromium fixes the following issues: Update to 89.0.4389.114 boo1184256 - CVE-2021-21194: Use after free in screen capture - CVE-2021-21195: Use after free in V8 - CVE-2021-21196: Heap buffer overflow in TabStrip - CVE-2021-21197: Heap buffer overflow in TabStrip - CVE-2021-21198:...
OPENSUSE-SU-2020:1966-1 Security update for moinmoin-wiki
This update for moinmoin-wiki fixes the following issues: - update to version 1.9.11: CVE-2020-25074 boo1178744: fix remote code execution via cache action CVE-2020-15275 boo1178745: fix malicious SVG attachment causing stored XSS vulnerability...
SUSE-SU-2020:2443-1 Security update for squid
This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply bsc1175671. - CVE-2020-15811: Improve Transfer-Encoding handling bsc1175665. - CVE-2020-15810: Enforce token characters for field-name bsc1175664...
Debian DSA-281-1 : moxftp - buffer overflow
Knud Erik Hojgaard discovered a vulnerability in moxftp and xftp respectively, an Athena X interface to FTP. Insufficient bounds checking could lead to execution of arbitrary code, provided by a malicious FTP server. Erik Tews fixed this. The...