Red Hat Security Advisory 2018-1779-01 - Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Issues addressed include a deserialization vulnerability.
68d8463eb39947b4768e0072e58a98eeb01f9f8c076d5bbe05a00c4fe69a62f8Red Hat Security Advisory 2018-1777-01 - The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Issues addressed include a heap overflow vulnerability.
6a5432497654c684dedf725c9d655f9ea79f3a8a1cdb12d1d04ae0bdf435f6abUbuntu Security Notice 3665-1 - It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that Tomcat contained incorrect documentation regarding description of the search algorithm used by the CGI Servlet to identify which script to execute. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
adc3401f4c6099499fc7f32dd5cfa60804e4fe107e205fa1ebecec9060700bf5Ubuntu Security Notice 3664-1 - Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers.
f8bd164a4dab67d5f1cb9bbeba62f5dd5317d2b3aefa38f3af5fed9d94f78351Ubuntu Security Notice 3663-1 - It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information.
6e45a5fc789db5ccaec3e30ac8ea625ac01af3e620a74f255dc3a13b89b73f97Gentoo Linux Security Advisory 201805-15 - A vulnerability in beep could allow local attackers to escalate privileges. Versions less than 1.3-r3 are affected.
aa82af41ea074698fb9fc3c1b7d3f1b4ed202bf0a19f915e3beb8f95e52410e3Gentoo Linux Security Advisory 201805-14 - Multiple vulnerabilities have been found in procps, the worst of which could result in the execution of arbitrary code. Versions less than 3.3.15-r1 are affected.
15e0a00065c277f09db78800b692b7275807850b07c19e60fa5dc852bc3b3eeeRed Hat Security Advisory 2018-1738-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
e14386ab550049aef13afbf9f2e1655f1fd6b468c84f4e600806783032c5280cRed Hat Security Advisory 2018-1737-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
12d07b36338aefed0761257d6cedc87be92090e9a360b31c3736aa9d08f6cac0Red Hat Security Advisory 2018-1637-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
d0517fd2db6605db9bc9abd855c413a5da0835227db340c80b01f2d36ba55f17Red Hat Security Advisory 2018-1640-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
656a296a6149092fc15e1d3aaadea3b1349ee57915aa08394c99638055999431Red Hat Security Advisory 2018-1639-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
132ad42b9c49fe643e607a9f05ae75707b4db8fcc38ffa2c95bd8da475181eceRed Hat Security Advisory 2018-1641-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
f8aef9b60c65bcf6fb58d8c84ca80f5500109c8c6662f1f5ea79c1a5c24b5c6dRed Hat Security Advisory 2018-1638-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
1e6f56d6cf5c88e0c9a5347409ffd89abf278b7bea39363845df03764831235eGentoo Linux Security Advisory 201805-13 - Git contains multiple vulnerabilities that allow for the remote execution of arbitrary code. Versions less than 2.16.4 are affected.
1fe4e7c064676ebafd9d90f44aa720dcd43b65e358b63d2c03603333ee051dc1Red Hat Security Advisory 2018-1770-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.3 will be retired as of November 30, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.3 EUS after November 30, 2018.
c9c180c5e5e89e772bccbbeb65bcdbee58ed3cca5d7944ce14e72a5cfc26f3d0Ubuntu Security Notice 3662-1 - It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system.
e7c8a4345a061d0dc973755a2860b253d6d7d691e5a721d8f47a716f13876a4dUbuntu Security Notice 3661-1 - It was discovered that Batik incorrectly handled certain XML. An attacker could possibly use this to expose sensitive information.
e62d00a17dbff3ffc4e982defa81d09d47e6097888dc92c5f70a48911bf52044VMware Security Advisory 2018-0014 - VMware Horizon Client update addresses a privilege escalation vulnerability.
1f46527c7bd626e6be17f523852debf54c8905d5846bee319e61d90ea81c6120The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib version 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
aef2419e47ea6d4026994bdeff4c305d9c04fb5575c81572288b93ee7047ba9dUbuntu Security Notice 3586-2 - USN-3586-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 12.04 ESM. Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. Various other issues were also addressed.
87bf0b43aecf798e53a7ec0e8497cf38db7e719785f0c2616c8cddec7692bcc1Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.
0e3788ff5b92bdb81c16b39e96e620f55d7e00317265a10546173540afa06d71Dell EMC RecoverPoint versions prior to 5.1.2 and Dell EMC RecoverPoint Virtual Machine (VM) versions prior to 5.1.1.3 suffer from command injection, LDAP password leak, and arbitrary file read vulnerabilities.
a32f56f16886245544fb248cad14e2e09e7d117b2031783004120f837bd910e0Accellion Kiteworks versions prior to 2017.01.00 suffer from an authentication bypass vulnerability.
d347dee5b223a51f0bdd3cd6f19b767f912e1d12f4d86c8a16314862e8c9b919Gentoo Linux Security Advisory 201805-12 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to remote code execution. Versions less than 4.2.8_p11 are affected.
818cfb09bc153d933a492ae7af6c8d103329d790eb73e41219b8664276dd14d4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed