887931 matches found
DSA-5146-1 puma - security update
Bulletin has no description...
GHSA-WXVR-VQFP-9CQW Denial of service in JBoss resteasy
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...
GHSA-V45R-RJ5X-HPG2 Cleartext Transmission of Sensitive Information in Apache CXF
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing th...
GHSA-75P6-52G3-RQC8 Keycloak vulnerable to privilege escalation on Token Exchange feature
A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the clientid of the target. This could allow a client to gain unauthorized access to...
CVE-2021-31805
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %... syntax. Using forced OGNL evaluation on untrusted user input can lead to a...
GHSA-QPP2-2MCP-2WM5 Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Impact A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. Patches The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. Workarounds There is no known workaround for this problem. References...
GHSA-53M6-44RC-H2Q5 Missing server signature validation in OctoberCMS
Impact This advisory affects authors of plugins and themes listed on the October CMS marketplace where an end-user will inadvertently expose authors to potential financial loss by entering their private license key into a compromised server. It has been disclosed that a project fork of October CM...
GO-2021-0239 Improper sanitization when resolving values from DNS in net
The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions and their respective methods on the Resolver type may return arbitrary values retrieved from DNS which do not follow the established RFC 1035 rules for domain names. If these names are used without further sanitization, for...
GHSA-2M9W-9XH2-WXC3 Link Following in Jenkins Pipeline Multibranch Plugin
Jenkins Pipeline: Multibranch Plugin prior to 2.23.1, 2.26.1, 696.698.v9b4218eea50f, and 707.v71c3f0a6ccdb follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines...
RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558...
GHSA-5H9G-X5RV-25WG Cross-site scripting vulnerability in TinyMCE
Impact A cross-site scripting XSS vulnerability was discovered in the schema validation logic of the core parser. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor using the clipboard or editor APIs. This malicious content...
CVE-2021-41103
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...
ASB-A-184622099
In qrtrrecvmsg of qrtr.c, there is a possible leak of kernel memory due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ALSA-2021:3590 Moderate: mysql:8.0 security, bug fix, and enhancement update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.26. BZ1996693 Security Fixes: mysql: Server: Stored Procedure multiple...
UVI-2021-1001089 net: bridge: fix vlan tunnel dst null pointer dereference
net: bridge: fix vlan tunnel dst null pointer dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...
GHSA-J239-4GQG-5J54 Inadequate Encryption Strength
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution...
DLA-2559-1 busybox - security update
Bulletin has no description...
DLA-2556-1 unbound1.9 - security update
Bulletin has no description...
ASB-A-169505740
In speculationctrlupdate of process.c, there is a possible way to disable Speculative Store Bypass Disable due to a logic error, which allows for side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...
DLA-2481-1 openldap - security update
Bulletin has no description...
ASB-A-160265164
In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation...
DLA-2467-1 lxml - security update
Bulletin has no description...
RLSA-2020:4670 Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa 4.8.7, softhsm...
DLA-2431-1 libonig - security update
Bulletin has no description...
CVE-2020-25595
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...
ASB-A-150156492
In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation...
GHSA-VMQM-G3VH-847M Denial of service in Apache Xerces2
Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions...
GHSA-GW55-JM4H-X339 Improper Validation of Certificate with Host Mismatch in Java-WebSocket
The Java-WebSocket Client does not perform hostname verification. - This means that SSL certificates of other hosts are accepted as long as they are trusted. To exploit this vulnerability an attacker has to perform a man-in-the-middle MITM attack between a Java application using the Java-WebSocke...
GHSA-G2F6-V5QH-H2MQ Nexus Repository Manager 3 - Remote Code Execution
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
DSA-4579-1 nss - security update
Bulletin has no description...
DSA-4542-1 jackson-databind - security update
Bulletin has no description...
DSA-4531-1 linux - security update
Bulletin has no description...
DSA-4520-1 trafficserver - security update
Bulletin has no description...
DLA-1782-1 openjdk-7 - security update
Bulletin has no description...
CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by...
DSA-4420-1 thunderbird - security update
Bulletin has no description...
CVE-2018-20677
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property...
CVE-2018-20676
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...
PYSEC-2018-32
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext...
DLA-1491-1 tomcat8 - security update
Bulletin has no description...
DSA-4281-1 tomcat8 - security update
Bulletin has no description...
DLA-1445-1 busybox - security update
Bulletin has no description...
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes. Depending on the context, this may expose a higher-risk attack surface in libxml2 not...
CVE-2017-15365
sql/eventdataobjects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language DDL statemen...
DSA-4005-1 openjfx - security update
Bulletin has no description...
DLA-1102-1 apache2 - security update
Bulletin has no description...
CVE-2017-7494
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it...
DLA-842-1 qemu-kvm - security update
Bulletin has no description...
DSA-3616-1 linux - security update
Bulletin has no description...
DLA-483-1 expat - security update
Bulletin has no description...