22 matches found
EUVD-2019-7392
Malware in sbrugna...
EUVD-2018-11127
Malware in sbrugna...
Important: Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release
The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.2 The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18...
WordPress Plugin ProfilePress Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Amazon Linux 2 : squid (ALASSQUID4-2023-002)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2SQUID4-2023-002 advisory. A flaw was found in squid. A trusted client can directly access the cache manager information, bypassing the manager ACL protecti...
Amazon Linux 2 : squid (ALASSQUID4-2023-004)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-004 advisory. Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an...
GSD-2023-1000081 sctp: fix memory leak in sctp_stream_outq_migrate()
sctp: fix memory leak in sctp_stream_outq_migrate() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...
GSD-2022-1007142 RISC-V: Make port I/O string accessors actually work
RISC-V: Make port I/O string accessors actually work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1007103 Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1006150 HID: cp2112: prevent a buffer overflow in cp2112_xfer()
HID: cp2112: prevent a buffer overflow in cp2112_xfer() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1006079 scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.257 by commit...
squid:4 security update
squid 7:4.15-3.1 - Resolves: 2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses...
GSD-2022-1002096 drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()
drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by...
squid:4 security, bug fix, and enhancement update
libecap squid 7:4.15-1 - new version 4.15 - Resolves: 1964384 - squid:4 rebase to 4.15 7:4.11-5 - Resolves: 1944261 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling...
Updated squid packages fix security vulnerabilities
Updated squid packages fix security vulnerabilities: Due to improper input validation Squid is vulnerable to an HTTP Request Smuggling attack. This problem allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by Squid security controls CVE-2020-25097...
UBUNTU-CVE-2021-31807
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious...
Squid 1.0 < 4.14, 5.0 < 5.0.5 DoS Vulnerability (GHSA-m47m-9hvw-7447, SQUID-2021:3)
Squid is prone to a denial of service (DoS) vulnerability in the Cache Manager. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
new module: eclipse:rhel8
Eclipse is an integrated development environment (IDE). This enhancement update adds the eclipse:rhel8 module to AlmaLinux. The eclipse:rhel8 module provides Eclipse version 4.15, which is based on the Eclipse Foundation's 2020-03 release train. BZ1786637 For detailed information on changes in this...
Selesta Visual Access Manager Directory Traversal Vulnerability
Selesta Visual Access Manager (VAM) is the Selesta Visual Access Manager. A security vulnerability exists in Selesta Visual Access Manager (VAM) versions 4.15.0 through 4.29. An attacker can exploit the vulnerability by sending arbitrary content to obtain the full path...
webERP Sales Component SQL Injection Vulnerability
webERP is an open source inventory and financial management ERP system. The system supports inventory management, rights role management, order management and financial management, etc. Sales is one of the sales components. webERP 4.15 version of the Sales component of the...