GSD-2021-1000398 drm: bridge/panel: Cleanup connector on bridge detach

drm: bridge/panel: Cleanup connector on bridge detach This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

GSD-2021-1000282 Drivers: hv: vmbus: Use after free in __vmbus_open()

Drivers: hv: vmbus: Use after free in vmbusopen This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

PYSEC-2021-88

Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites...

GHSA-4GH8-X3VV-PHHG Predictable SIF UUID Identifiers in github.com/sylabs/sif

Impact The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. Patches A patch is available in version = v1.2.3 of the module. Users are encouraged to upgrade. The pat...

new module: subversion:1.14

Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. This enhancement update adds the subversion:1.14 module to AlmaLinux BZ1844947 For detail...

new module: subversion:1.14

An update is available for subversion, utf8proc, libserf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Subversion SVN is a concurrent version control system...

ALEA-2021:1813 new module: subversion:1.14

Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. This enhancement update adds the subversion:1.14 module to AlmaLinux BZ1844947 For detail...

JetBrains WebStrom Local Code Execution Vulnerability

JetBrains WebStorm is a JavaScript integrated development environment from Czech software development company JetBrains. versions prior to JetBrains WebStorm 2021.1 have a local code execution vulnerability that could be exploited by an attacker to make WebStrom execute local code when pulling co...

CVE-2021-30005

In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS...

CVE-2021-29263

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS...

Jetbrains JetBrains IntelliJ IDEA 安全漏洞

Jetbrains JetBrains IntelliJ IDEA is a Czech JetBrains integrated development environment for the Java language . A local code execution vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2020.3.3. The vulnerability stems from an insufficient check when the VCS fetches the project...

Jetbrains JetBrains PyCharm 数据伪造问题漏洞

PyCharm is the Python integrated development environment from Czech software development company JetBrains. A local code execution vulnerability exists in PyCharm versions prior to 2020.3.4. The vulnerability stems from insufficient checks when the VCS fetches a project and can be exploited by an...

JetBrains WebStorm 安全漏洞

JetBrains WebStorm is a JavaScript integrated development environment from Czech software development company JetBrains. versions prior to JetBrains WebStorm 2021.1 have a local code execution vulnerability that could be exploited by an attacker to make WebStrom execute local code when pulling co...

Trend Micro Apex One Multiple Vulnerabilities (000263632)

According to its self-reported version, the Trend Micro application running on the remote Windows host is Apex One prior to patch 3 b8378. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability in Trend Micro Apex One on Microsoft Windows may allow an...

GitLab Access Control Error Vulnerability (CNVD-2021-22453)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab after version...

OSCP-Exam-Report-Template-Markdown - Markdown Templates For Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam Report

I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer needed during your Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam! Now you can be efficient and faster during your exam report redaction! Speed up writing , don...

Change Storefront to force clients to download a specific Workspace App package

When downloading Workspace App from Storefront landing page, it is pulling the most recent version instead of specific desired Workspace App package...

The vulnerability of the mpatch_apply function in the Mercuria version control software allows a attacker to compromise data integrity.

The vulnerability of the mpatchapply function in the Mercuria version control tool is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

The vulnerability of the mpatch_decode function in the Mercuria version control software allows a hacker to compromise data integrity.

The vulnerability of the mpatchdecode function in the Mercuria version control software is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker who operates remotely to compromise the integrity of data...

The vulnerability of the mpatch.c component in the Mercuria version control software allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the mpatch.c component of the Mercuria version control software is related to integer overflow. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...