211 matches found
The vulnerability of the UpdateProjectUserRights method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the UpdateProjectUserRights method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateProjectConnections, which can be exploited by an attacker to...
OPENSUSE-SU-2021:1648-1 Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: - CVE-2019-15126: Updated Broadcom firmware to fix Kr00k bug bsc1167162. This update was imported from the SUSE:SLE-15-SP1:Update update project...
OPENSUSE-SU-2021:1598-1 Security update for python-pip
This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819. This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2021:1557-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content bsc1192063. - CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code...
OPENSUSE-SU-2021:1455-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u312 build 07 with OpenJ9 0.29.0 virtual machine including Oracle July 2021 and October 2021 CPU changes - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder on Windows bsc1185056. ...
OPENSUSE-SU-2021:1441-1 Security update for pcre
This update for pcre fixes the following issues: Update pcre to version 8.45: - CVE-2020-14155: Fixed integer overflow via a large number after a '?C' substring bsc1172974. - CVE-2019-20838: Fixed buffer over-read in JIT compiler bsc1172973 This update was imported from the SUSE:SLE-15:Update...
OPENSUSE-SU-2021:1426-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. bsc1183709 - CVE-2020-14312: Set --local-service by default bsc1173646. - Open inotify socket only when used bsc1180914. This update w...
OPENSUSE-SU-2021:1418-1 Security update for python
This update for python fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading DoS after a http 100. bsc1189241 - CVE-2021-3733: Fixed ReDoS in urllib.request. bsc1189287 This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2021:1399-1 Security update for strongswan
This update for strongswan fixes the following issues: A feature was added: - Add authels plugin to support Marvell FC-SP encryption jscSLE-20151 Security issues fixed: - CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. bsc1191435 - CVE-2021-41990: Fixed an integer...
OPENSUSE-SU-2021:1313-1 Security update for nodejs14
This update for nodejs14 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames bsc1188881. - CVE-2021-22931: Fixed improper handling of untypical characters in domain names bsc1189370. - CVE-2021-22940: Use after free on close http2 on stream canceling bsc118936...
OPENSUSE-SU-2021:1294-1 Security update for libcroco
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions bsc1171685. This update was imported from the SUSE:SLE-15-SP2:Update update project...
OPENSUSE-SU-2021:1261-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. This update was imported from the SUSE:SLE-15:Update update project...
Security update for java-11-openjdk (important)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2021:1233-1 Rating: important References: 1185476 1188564 1188565 1188566 SLE-5715 Cross-References: CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVSS scores: CVE-2021-2341 NVD : 3.1...
Security update for go1.16 (moderate)
openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2021:1199-1 Rating: moderate References: 1182345 1189162 Cross-References: CVE-2021-36221 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available.Description...
OPENSUSE-SU-2021:1167-1 Security update for haproxy
This update for haproxy fixes the following issues: - Fixes HAProxy vulnerabilities on H2 bsc1189366. This update was imported from the SUSE:SLE-15-SP1:Update update project...
OPENSUSE-SU-2021:1119-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2021-3631: fix SELinux label generation logic bsc1187871 This update was imported from the SUSE:SLE-15-SP2:Update update project...
OPENSUSE-SU-2021:1056-1 Security update for dbus-1
This update for dbus-1 fixes the following issues: - CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour caused by shared UID's bsc1187105 This update was imported from the SUSE:SLE-15-SP1:Update update project...
OPENSUSE-SU-2021:0974-1 Security update for roundcubemail
This update for roundcubemail fixes the following issues: Upgrade to version 1.3.16 This is a security update to the LTS version 1.3. It fixes a recently reported stored cross-site scripting XSS vulnerability via HTML or plain text messages with malicious content. References: - CVE-2020-18670:...
OPENSUSE-SU-2021:0934-1 Security update for tpm2.0-tools
This update for tpm2.0-tools fixes the following issues: - CVE-2021-3565: Fixed issue when no encrypted session with the TPM is used bsc1186490. This update was imported from the SUSE:SLE-15-SP2:Update update project...