Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw
Archive for June, 2019
RedHat: RHSA-2019-1467:01 Important: python security update
An update for python is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Acronis and ZNetLive join forces to offer new security solution
1717503 – Security issue: patch 8.1.1365: source command doesn’t check for the sandbox
Resolves: rhbz#1718986 Updated to 3.29 for CVE-2019-10155 --- Updated to 3.28 (many imported bugfixes)
Fedora 30: containernetworking-plugins Security Update
Resolves: #1715758 – CVE-2019-9946
Fedora 30: python-urllib3 Security Update
Update to v1.24.3
Debian: DSA-4460-1: mediawiki security update
Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.
Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.
Debian: DSA-4461-1: zookeeper security update
Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
Joomla 3.9.8 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.7 which affects web sites using the French Help Server.
RedHat: RHSA-2019-1456:01 Moderate: Red Hat Single Sign-On 7.3.2 security
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2019-1455:01 Important: Advanced Virtualization security update
The updated Advanced Virtualization module is now available for Red Hat Enterprise Linux 8.0 Advanced Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Joomla 3.9.7 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.
RedHat: RHSA-2019-1436:01 Moderate: rh-haproxy18-haproxy security, bug fix,
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2019-1429:01 Important: CloudForms 4.7.5 security,
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
[20190603] – Core – ACL hardening of com_joomlaupdate
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.8.13 through 3.9.6
- Exploit type: Incorrect Access Control
- Reported Date: 2019-April-10
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12764
Description
The update server URL of com_joomlaupdate can be manipulated by non-Super-Admin users.
Affected Installs
Joomla! CMS versions 3.8.13 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
[20190602] – Core – XSS in subform field
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.6.0 through 3.9.6
- Exploit type: XSS
- Reported Date: 2019-January-01
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12766
Description
The subform fieldtype does not sufficiently filter or validate input of subfields; this leads to XSS attack vectors.
Affected Installs
Joomla! CMS versions 3.6.0 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
[20190601] – Core – CSV injection in com_actionlogs
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0 through 3.9.6
- Exploit type: CSV Injection
- Reported Date: 2019-April-29
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12765
Description
The CSV export of com_actionlogs is vulnerable to CSV injection.
Affected Installs
Joomla! CMS versions 3.9.0 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
RedHat: RHSA-2019-1423:01 Important: Red Hat OpenShift Container Platform
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2019-1422:01 Moderate: OpenShift Container Platform 3.11
An update for atomic-openshift-web-console is now available for Red Hat Openshift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2019-1424:01 Moderate: Red Hat JBoss Enterprise Application
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2019-1420:01 Moderate: Red Hat JBoss Enterprise Application
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Debian: DSA-4458-1: cyrus-imapd security update
A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
Update to version 3.0.10, which fixes a security issue (a buffer overrun vulnerability in the httpd daemon, CVE-2019-11356).
Debian: DSA-4457-1: evolution security update
Hanno Böck discovered that Evolution was vulnerable to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted HTML email. This issue was mitigated by moving the security bar with encryption and signature information above the message
Update to version 2.8 from upstream, Security fix for [CVE-2019-11555]