4533 matches found
openSUSE Security Update : opera (openSUSE-2021-828)
This update for opera fixes the following issues : Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: Use old password button doesnt work - DNA-926...
openSUSE Security Update : opera (openSUSE-2021-829)
This update for opera fixes the following issues : Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: Use old password button doesnt work - DNA-926...
polkit 代码问题漏洞
polkit is a component for controlling system-wide permissions in Unix-like operating systems. It enables communication between processes of different priority by defining and auditing permission rules. A code issue vulnerability exists in polkit that stems from the inability of a requesting proce...
openSUSE: Security Advisory for gstreamer, (openSUSE-SU-2021:0822-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
UVI-2021-1000494 btrfs: fix removed dentries still existing after log is synced
btrfs: fix removed dentries still existing after log is synced This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.7 by commit...
GSD-2021-1000357 i2c: cadence: fix reference leak when pm_runtime_get_sync fails
i2c: cadence: fix reference leak when pmruntimegetsync fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
DEBIAN-CVE-2016-20011
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync...
libgrss 信任管理问题漏洞
libgrss is a Glib library for handling RSS, Atom and other formats of feeds. A security vulnerability exists in libgrss version 0.7.0, which stems from libgrss' inability to perform TLS certificate validation when downloading a feed, and can be exploited by remote attackers to manipulate the...
Azure File Sync Agent v12.1 Release – May 2021 (KB4588751)
Update for Azure File Sync agent version 12.1.0.0. For more details, see the associated Microsoft Knowledge Base article...
Azure File Sync Agent v12.1 Release – May 2021 (KB4588751)
Update for Azure File Sync agent version 12.1.0.0. For more details, see the associated Microsoft Knowledge Base article...
Azure File Sync Agent v12.1 Release – May 2021 (KB4588751)
Update for Azure File Sync agent version 12.1.0.0. For more details, see the associated Microsoft Knowledge Base article...
CVE-2021-28799 Improper Authorization Vulnerability in HBS 3 (Hybrid Backup Sync)
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...
PT-2021-4456
Name of the Vulnerable Software and Affected Versions HBS 3 versions prior to v16.0.0415 on QTS 4.5.2 HBS 3 versions prior to v3.0.210412 on QTS 4.3.6 HBS 3 versions prior to v3.0.210411 on QTS 4.3.4 HBS 3 versions prior to v3.0.210411 on QTS 4.3.3 HBS 3 versions prior to v16.0.0419 on QuTS hero...
PT-2024-11352 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the nicstar cleanup function. The problem arises because the del timer function does not wait for the timer handler to finish, whic...
GHSA-F8FH-8RGM-227H OS Command Injection in node-prompt-here
node-prompt-here through 1.0.1 allows execution of arbitrary commands. The runCommand is called by getDevices function in file linux/manager.js, which is required by the index. process.env.NMCLI in the file linux/manager.js. This function is used to construct the argument of function execSync,...
Authorization Bypass
grafana is vulnerable to authorization bypass. The team sync HTTP API allows any authenticated user to add external groups to existing teams. This vulnearbilitycan be abused to grant a user team arbitrary permissions...
GHSA-72RJ-36QC-47G7 Pgsync Contains Cleartext Transmission of Sensitive Information
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
CVE-2021-31671
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
pgsync 安全漏洞
pgsync is an open source application. Synchronizes data from one Postgres database to another. A security vulnerability exists in versions prior to pgsync 0.6.7, which stems from being affected by the disclosure of sensitive information...
Connection security vulnerability with schema sync
pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected. pgsync drops connection...