It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
Current Description. Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.
2020 might have brought most activities to a standstill, but not cybersecurity threats. If anything, 2020 saw an increase in cybersecurity threats as criminals found new ways to take advantage of vulnerabilities and infiltrate business systems. Developments in COVID-19, which forced workers into remote work, further worsened these attacks.
Without a doubt, Kubernetes is the most important thing that has happened in enterprise computing in the past two decades, rivalling the transformation that swept over the datacenter with server virtualization, first in the early 2000s on RISC/Unix platforms and then during the Great Recession when....
Update to WebKitGTK 2.30.6: * Update user agent quirks again for Google Docs and Google Drive * Fix several crashes and rendering issues. Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
Google this week released Chrome 90 to the stable channel for Windows, Mac, and Linux. The update, which will roll out over the coming days and weeks, brings 37 security fixes, HTTPS by default, and other updates to the browser. Chrome 90.0.4430.72 fixes six high-severity vulnerabilities, 10....
In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation. COMPANY. Security-Database help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.
### Impact
Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion.
### Patches
Fixed by 3175fd3.
### Workarounds
There are no known workarounds.
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability.
This week, Jeff and I chat with Ivan Kwiatkowski from Kaspersky’s GReAT to talk about the recent controversy surrounding Google’s decision to “burn” a zero-day exploit in use by US spies. We also talk briefly about another zero-day discovery: Kaspersky found it, and it requires IT teams’ immediate attention.
Description. The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution.
Description. Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform an internal port enumeration.
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492)
WordPress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.
Lotus is an implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses the blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized" and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays. Lotus block validation functions perform a uniqueness check on provided blocks. Two blocks are considered distinct if the CIDs of their blockheader do not match. The CID method for blockheader includes the BlockSig of the block. The result of these issues is that it would be possible to punish miners for valid blocks, as there are two different valid block CIDs available for each block, even though this must be unique. By switching from the Go-based `blst` bindings over to the bindings in `filecoin-ffi`, the code paths now ensure that all signatures are compressed by size and the way they are deserialized. This happened in https://github.com/filecoin-project/lotus/pull/5393.
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability.
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-28310.
Windows SMB Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-28325.