Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork of Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
dafe8bf08096a9dd5c5307cc38439fa9ac3b5ead595b261dd9e01ddefd2fed0a
Red Hat Security Advisory 2021-0885-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.
fa8005447bcf4f68bf4adcf5cf81b2249271d8d87d161e0ec0e9495ea67aadc8
Red Hat Security Advisory 2021-0871-01 - MongoDB is a highly-scalable document database. The Debezium MongoDB connector includes a Java driver to access a MongoDB database.
7639de83e85b757570e0c4bf38efcc0fecb18a15173dbde2296253195f79c108
Ubuntu Security Notice 4880-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.
da23875d59947776698a5721625f3bfbf56d82cafbf129c1314d5d2a6a59f4e0
Ubuntu Security Notice 4879-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
11133301a24779f9f00fc76f4d8a427a2f942a2664c2099bd2170fa27ce298d7
GeoGebra Graphing Calculator version 6.0.631.0 suffers from a denial of service vulnerability.
0999c661fbaafc2fbc6a10529b2217e877416eaa00d829f5999c14113d8bb09e
Microsoft Windows Containers suffers from a DP API design flaw where encryption keys are shared and reused between images.
9ca89e4b58c712f3b5cd994828e6290959a5d09fa6b74c261d55967effb8af17
Ubuntu Security Notice 4878-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. Various other issues were also addressed.
df5ccf6b30eb1254c2f01c301d72cd7482fb7ffb88f401f19a6a70416eccfa20
GeoGebra 3D Calculator version 5.0.511.0 suffers from a denial of service vulnerability.
6cfc3ae42767c2d48d55f0651904d861b31e8a3c9eca7b5fdc3518ea6aaa5b7d
Red Hat Security Advisory 2021-0848-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
7b4e1980cc8b9f9ac466017ab7b8a6f25685984c2b3e167d5e889a9160d6119e
Ubuntu Security Notice 4877-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. Various other issues were also addressed.
bf702878d4fedd9a8fe918e548160de8ead68fc9d18a9edf1f4136790883d8f3
GeoGebra CAS Calculator version 6.0.631.0 suffers from a denial of service vulnerability.
61be0f70b1bf31c8460e508b8955285ad5e0f77c4ccd378e158ed6c98cdfd9eb
Ubuntu Security Notice 4876-1 - Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition in the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b36c8cff2593853a43cf7d61e021f4d82031dfd7518050e64ed110490d8735e4
GeoGebra Classic version 5.0.631.0-d suffers from a denial of service vulnerability.
8cb68e918186e90766010f1f7699fd944d8079e89889a3a57c58cc776d3c7b09
SolarWinds TFTP Server version 11.0.4.101 suffers from a remote unauthenticated reconfiguration vulnerability that could result in code execution.
875755fa3670a1f2faa0470381eb4d5fe1671e54c578c762aea9a129387550d8
Alphaware E-Commerce System version 1.0 suffers from unauthenticated remote shell upload and remote SQL injection vulnerabilities.
fbecea6b0c82b953bb75a6982c2fca7d4e938869ab5be9cbc4582b315ab49413