UVI-2021-1002329 sched/fair: Prevent dead task groups from regaining cfs_rq's

sched/fair: Prevent dead task groups from regaining cfsrq's This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...

Hashicorp Nomad 安全漏洞

Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler from Hashicorp, USA. The program supports the deployment of microservices, batch, containerized and non-containerized applications. Hashicorp Nomad suffers from a security vulnerability that stems from an error...

Microsoft Windows Diagnostic Hub Elevation of Privilege Vulnerability

Microsoft Windows Diagnostic Hub is an application from Microsoft Corporation USA. It is not only a task manager, but also a device diagnostic center. This application combines Windows developer tools with UWP functionality to access new information and features.Microsoft Windows Diagnostic Hub i...

JetBrains YouTrack has an unspecified vulnerability (CNVD-2021-91665)

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress.JetBrains YouTrack Mobile 2021.2 previously had a security vulnerability that could ...

Employee Daily Task Management System 1.0 Cross Site Scripting

Exploit Title: Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting XSS Date: 09/11/2021 Exploit Author: Ragavender A G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip Version...

Employee Daily Task Management System 1.0 - (Name) Stored Cross-Site Scripting Vulnerability

Exploit Title: Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting XSS Exploit Author: Ragavender A G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip Version: v1.0 Tested on:...

CVE-2021-43190

In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible...

CVE-2021-43190

In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible...

Code injection

In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible...

CVE-2021-43190

In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible...

CVE-2021-43190

JetBrains YouTrack Mobile before 2021.2 is affected by a task hijacking vulnerability on Android. The CVE-2021-43190 issue impacts integrity (I:L) with no confidentiality/availability impact, CVSS 3.1 base 5.3. Exploitation appears possible over network with no user interaction. The JetBrains Q3 ...

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress.JetBrains YouTrack Mobile 2021.2 previously had a security vulnerability that could ...

Mozilla Firefox Security Advisory (MFSA2021-43) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2021-43. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

GNU Hurd 竞争条件问题漏洞

Gnu Hurd is a Gnu project replacement for the Unix kernel. It is used to implement file systems, network protocols, file access control, and other features implemented by the Unix kernel or similar kernels such as Linux. A security vulnerability exists in GNU Hurd, which originated in GNU Hurd...

[SECURITY] Fedora 33 Update: ansible-2.9.27-1.fc33

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

UBUNTU-CVE-2021-38496

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

Description Hey corebos team, in the meanwhile I find another low level CSRF. attacker can activate/deactivate a Task of workflow with CSRF attack. Proof of Concept // PoC.html history.pushState'', '', '/'...

Sneaking Through Windows: Infostealer Malware Masquerades as Windows Application

This post also includes contributions from Reese Lewis, Andrew Christian, and Seth Lazarus. Rapid7's Managed Detection and Response MDR team leverages specialized toolsets, malware analysis, tradecraft, and collaboration with our colleagues on the Threat Intelligence and Detection Engineering TID...

GSD-2021-1001889 powerpc/smp: do not decrement idle task preempt count in CPU offline

powerpc/smp: do not decrement idle task preempt count in CPU offline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...

UVI-2021-1001889 powerpc/smp: do not decrement idle task preempt count in CPU offline

powerpc/smp: do not decrement idle task preempt count in CPU offline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...