Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.
2865bdfc703b7d0f9e4183f21398f57ed28f9364149b790650846f15f2d1f767
Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
4f37c599f7e8c48194ac0302bb61b5f6a42cf2d6e305b8bd8ec073fdc4f53478
Red Hat Security Advisory 2021-1197-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
7e635439f9063bb6410c061409cd77a0be43c5d5eb27cef4c65a641868d49d21
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.
61274f1f45025235aa4f5b093517018fc749ec8ab469618084fac2fa0a8d6fe9
HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
41b968222d8773d20c8b3317a23d105cd36326de7b48f2a0ad6dcfe751c1c099
Red Hat Security Advisory 2021-1192-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
c948e9ec428568d27a15b05550951abc57ff9feb310c82e6b96d46880c3ddbdd
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
b04745000e2c27fd85f7b6af98bdac81b7d1685da87267fc47adea0735a42b95
Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
805fd116b01cb33b9525ec6a734ac818161e1d4d5b49c50e822a0e34a2e417ad
CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.
00f310b365d6f28ece51a2b5cc0898ad40ad47859665986ed15f4c8646f0c5ce
CITSmart ITSM version 9.1.2.22 suffers from an LDAP injection vulnerability.
97de053873681829149a127423d8ad70cb9b802ae2777d48c6c157dc86463114
Red Hat Security Advisory 2021-1193-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
332440aa23616d424274ca68a996e31b6e75368d0d74703d69046824987fb3b4
Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
ad61386766366b722b219913b56b8cfa60dfc16f9db363fa82bc4c4108510fb1
Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.
4962355bc1a06ada54d7e7c20d668dc1f62d6b693ef0ddb868c0888076f7cf26
MariaDB version 10.2 suffers from a command execution vulnerability.
7b600a800323cd1607ef6b3df7b72a4d052811dfd58a08322cad74c0a8fedacf
Red Hat Security Advisory 2021-1016-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.37. Issues addressed include a denial of service vulnerability.
16b82a78d6c72a76a7a49de72dd71d48892f5736d9e55a186ac3b89d48670317
Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, the HA agent on the source host immediately moved to the state EngineDown, and shortly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.
8c4853f907f45df559cfbcef018d60c5fcb4358ea5aa03417502549b5e324f5e
Genexis PLATINUM 4410 version 2.1 P4410-V2-1.28 suffers from a remote command execution vulnerability.
da3a5b768eda92ca4a1de49af219ea2090bddc95e52d6479b4b1e6a84a2910ca
Trojan.Win32.Jorik.qje malware suffers from an insecure permissions vulnerability.
09e3a37ed0bb4fcf11c4b5370ed5a25c4823e0d3d121466bf91c05554547bdf5
Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. Issues addressed include bypass and null pointer vulnerabilities.
f0ad367a8dacbe7d3f27ab64c77547cac99e0c6d0fd9dfd325275cc2293a40f3
Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.
4c18c1012319e88173dfbea22f337e2c7cfbebdf4b2a56114c37dc6509ff743c
Digital Crime Report Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
117f1c801d0b5dca824192ac540a6ec63690601d04d24bd26e93227bde1a1913
Red Hat Security Advisory 2021-1190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
b4855587d2c21eaa956921785d37b83cebbf547204ef5645662bbd6c3b731c03
Ubuntu Security Notice 4905-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.
4459762b858227b182cf6edf99ec5c603a39341361b44501876cf4e9591de418
jQuery version 1.0.3 suffers from a cross site scripting vulnerability.
7ff5c0bf22409a30bef573c9e5485eb91fec6fb5647f3807595a866b12f17491
jQuery version 1.2 suffers from a cross site scripting vulnerability.
e46a9bcd5c68212173c90bfe7a472e62486ceae0b3bc203dd6d56f46c93fd2a6