[SECURITY] Fedora 27 Update: ansible-2.6.1-1.fc27

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 28 Update: ansible-2.6.1-1.fc28

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

RHEL 7 : ansible (RHSA-2018:2151)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2151 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Akiee Cross-Site Scripting Vulnerability

Akiee is a cross-platform Markdown-based task manager. A cross-site scripting vulnerability exists in the 'details' of tasks in Akiee version 0.0.3. A remote attacker can exploit this vulnerability to execute arbitrary code by tricking a user into opening a specially crafted liveflow.md file...

MyBB Group MyBB File Inclusion Vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. MyBB Group A file inclusion vulnerability exists in the Admin panel Tools and Maintenance - Task...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Red Hat Ansible Engine 2.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2018-1000543

Akiee version 0.0.3 contains a XSS leading to code execution due to the use of node integration vulnerability in "Details" of a task is not validated that can result in XSS leading to abritrary code execution. This attack appear to be exploitable via The attacker tricks the victim into opening a...

CVE-2018-1000502

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

Design/Logic Flaw

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

Cross site scripting

Akiee version 0.0.3 contains a XSS leading to code execution due to the use of node integration vulnerability in "Details" of a task is not validated that can result in XSS leading to abritrary code execution. This attack appear to be exploitable via The attacker tricks the victim into opening a...

CVE-2018-1000502

The CVE-2018-1000502 in MyBB concerns a File Inclusion vulnerability in the Admin panel (Tools and Maintenance → Task Manager → Add New Task). The issue allows Local File Inclusion on newer PHP versions and Remote File Inclusion on older PHP versions when an attacker has admin access. Affected so...

CVE-2018-1000502

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

[SECURITY] Fedora 27 Update: ansible-2.5.5-2.fc27

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

WFICA32.exe Shows 100% CPU usage in Task Manager

WFICA32.exe on client shows 100% CPU usage in Task Manager...

Pulp Information Disclosure Vulnerability

Pulp is a free and open source repository platform for managing content. The platform supports pushing content from software packages to consumers. A security vulnerability exists in Pulp, which stems from the program passing sensitive information to the 'overrideconfig' object when a task is...

CVE-2018-1090

In Pulp (before version 2.16.2), secrets are passed into override_config when triggering a task, making them readable to any user with read access on the distributor/importer. This leads to information disclosure via the API: an attacker with API access can view sensitive credentials. The issue i...

CVE-2018-5756

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary tasks via the task id in a...