GSD-2021-1001849 powerpc/smp: do not decrement idle task preempt count in CPU offline

powerpc/smp: do not decrement idle task preempt count in CPU offline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...

UVI-2021-1001849 powerpc/smp: do not decrement idle task preempt count in CPU offline

powerpc/smp: do not decrement idle task preempt count in CPU offline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...

DonPAPI - Dumping DPAPI Credz Remotely

Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...

The vulnerability of the server-based Redmine project and task management web application lies in its ability to read data beyond the allowed buffer size limits, allowing an attacker to compromise the integrity of the data.

The vulnerability of the server-based Redmine project and task management web application is related to incorrect data processing during the formatting of tasks. Exploiting this vulnerability allows an attacker to compromise the integrity of the data...

The vulnerability of Redmine’s project and task management web application regarding information disclosure allows attackers to gain access to confidential data.

The vulnerability of the Redmine web application journal for managing projects and tasks involves the exposure of projectid. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

Fedora: Security Advisory for rt (FEDORA-2021-05feb8a8b2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Active-Directory-Exploitation-Cheat-Sheet

This is a cheat sheet for Windows Active Directory exploitation, containing common enumeration and attack methods. The repository is a collection of PowerShell scripts and modules that can be used to perform various attacks on Active Directory, including domain enumeration, lateral movement, and...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.27)

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.27)

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

[SECURITY] Fedora 33 Update: rt-4.4.5-4.fc33

RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

rust-crossbeam-deque: race condition may lead to double free

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1339-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1339-1 advisory. - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the rendere...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1350-1 Rating: important References: 1190765 1191166 1191204 1191463 Cross-References: CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

Mozilla: Use-after-free in MessageTask

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1339-1 Rating: important References: 1190765 1191166 1191204 Cross-References: CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963...