openSUSE Security Update : gdb (openSUSE-2019-2494)

This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

Security update for gdb (moderate)

openSUSE Security Update: Security update for gdb Announcement ID: openSUSE-SU-2019:2493-1 Rating: moderate References: 1115034 1142772 1145692 Cross-References: CVE-2019-1010180 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has two fixes is now available...

OPENSUSE-SU-2019:2493-1 Security update for gdb

This update for gdb fixes the following issues: Update to gdb 8.3.1: jscECO-368 Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

Security update for gdb (moderate)

openSUSE Security Update: Security update for gdb Announcement ID: openSUSE-SU-2019:2494-1 Rating: moderate References: 1115034 1142772 1145692 Cross-References: CVE-2019-1010180 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now available...

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium named after a password to one of the self-executable archives. Titanium is the final result of a...

SUSE SLES12 Security Update : gdb (SUSE-SU-2019:2914-1)

This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...

SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2913-1)

This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...

SUSE-SU-2019:2916-1 Security update for gdb

This update for gdb fixes the following issues: Update to gdb 8.3.1: jscECO-368 Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

Moderate: Red Hat Security Advisory: ansible security update

An update for ansible is now available for Red Hat OpenStack Platform 14.0 Rocky. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE-SU-2019:2902-1 Security update for gdb

This update for gdb fixes the following issues: Update to gdb 8.3.1: jscECO-368 Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

Important: Red Hat Security Advisory: Ansible security update

An update is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Important: Red Hat Security Advisory: Ansible security and bug fix update

An update is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

foreman: authorization bypasses in foreman-tasks leading to information disclosure

An authentication bypass vulnerability was discovered in Foreman. Previously, commit tasks were searched through findresource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover ...

Information Disclosure

ansible is vulnerable to information disclosure. The attack exists when an incorrect parameter name is passed to a module having an argumentspec with sub parameters marked as nolog, causing a failure of the task. It exposes data in sub parameter fields as it leaves the data unmasked if it is run...

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

Description of the security update for SharePoint Server 2019: October 8, 2019

Description of the security update for SharePoint Server 2019: October 8, 2019 Summary This security update resolves an elevation of privilege vulnerability that exists in Microsoft SharePoint. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-1330...

The vulnerability of the task scheduler fly-admin-cron in the FLY operating system of Astra Linux allows a perpetrator to access confidential data, compromise its integrity, and cause service failures due to improper handling of registration data.

The vulnerability of the task scheduler fly-admin-cron in the FLY environment of the Astra Linux operating system is related to an incorrect definition of the user performing the task editing operations. Exploiting this vulnerability allows a remote attacker to gain access to confidential data,...

The vulnerability of the fly-admin-printer print manager in the FLY operating system of Astra Linux allows a attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the fly-admin-printer print manager in the FLY operating system of Astra Linux is related to errors in processing empty tasks, as well as errors in renaming the printer. Exploiting this vulnerability allows a remote attacker to compromise data integrity, gain unauthorized...

CVE-2019-16925

Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change th...