Inateck BCST-60 Barcode Scanner suffers from a keystroke injection vulnerability.
c50880f8974ac7beaee4a55dd46fc351b8ac265c434798d48f41fea5ac5aea77Debian Linux Security Advisory 4578-1 - Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed.
9538be1083464e26484b6e8ca14c4fc07df96b18373e03b573fb4fce4742f597Multiple denial of service vulnerabilities have been discovered and disclosed in the axTLS library versions 2.1.5 and below.
4b795ed8fab6f7bf3baf0d923f7583ab93caeae5946f05ef62eac4fd030fc492Ubuntu Security Notice 4204-1 - Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.
adc7ec85d31f5349a8be376afe8cf08edc4acfe1a9f39099e09b041b7b93cb51Debian Linux Security Advisory 4577-1 - Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.
354b9471b47cedf156fae21fdd08eeb96eab9831e2b07a6b5c32125d5f285f6cThe CBC Gem Android and iOS applications (Android version 9.24.0 and below, iOS version 9.24.0 and below) sends potentially sensitive information such as device model and resolution, mobile carrier, days since first use, days since last use, total number of app launches, number of app launches since upgrade, and previous app session length, unencrypted to both first and third party sites (Adobe Marketing Cloud, ScorecardResearch).
0d3444a9cc732375e29149b598c57075ea9f0555e5ce5015c7e21c27660080f2Ubuntu Security Notice 4203-2 - USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
0dc3942145547db7073c63f6ed48403541f54ab1a7bc5cfe6da8ba310b7067d9Ubuntu Security Notice 4203-1 - It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
26d9f79b62cfc9666137eb11e7d3580960296b1498984ff8db3f39ee2986e7c3Red Hat Security Advisory 2019-4019-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
77fa65a96baf59af0b8d531b976dca7bd2a1955703ee9de2463044589dae5a5eRed Hat Security Advisory 2019-4018-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
ffe3f5988be6dd7a943f7be36a8d49a6410ecc07b452747fa50d6382976ff83aRed Hat Security Advisory 2019-4021-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
0722e12f5fc13d3dca84d18ffee8fd509dbd0efd0904fc31534cd18260a15f5dRed Hat Security Advisory 2019-4020-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
73f3bff9f1fe90e77f6f4781409305530671950778c27d425306cc58a81efb24A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.
deb671a58483113fa01c7556131f6c1924fc8c60528a056679836812d446ff89Ubuntu Security Notice 4201-1 - It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain HTTP headers. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
fb5207d2d5cd13b28e5fc571f6f9365cd6eb101ba786fb264b4bd1794b1d6f86Red Hat Security Advisory 2019-3978-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
2e22aead63d5c2a4d32dc397e1b73d57dd240b6705ba813c44df31f6111d50b2Red Hat Security Advisory 2019-3981-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a bypass vulnerability.
ca365ccd293079c52be9b6ecb251a7bf0c79d6ea710617a283a29d8b003f7a03Red Hat Security Advisory 2019-3968-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a buffer overflow vulnerability.
eec0176b358ad1dceab72caae24a05a4110f389838501cf9a6606e9c563066e8Red Hat Security Advisory 2019-3976-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. A stack-based buffer over-read was addressed.
74e2ed1907e5493742c1be87b24081ca4514695335a44791aac28a5113e8f0eaRed Hat Security Advisory 2019-3979-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
3f7932f4deb3df7af3b999b13ede29fdfcd5523a78d33407a216349cad3b9847Red Hat Security Advisory 2019-3967-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
66e722646d95d8050e8689ab877a158f944b3ed35f9ac87838daa6fb683821f9Red Hat Security Advisory 2019-3964-01 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
372b28f86d6f534625102250b8d78291deadffa5f72301abc92a9cc1046c5553Debian Linux Security Advisory 4576-1 - An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.
5756a4fdbd2a09e27d7b82fe649917fa0a292e2a03c8ae606cb8221bdd2431a9Ubuntu Security Notice 4200-1 - It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. It was discovered that an SQL injection could allow users to access protected information via a crafted object query.
623c8e3a17e14a602b525ab5f5540e738d4bb3f031a88de1d5acd06feb27ea0eDebian Linux Security Advisory 4575-1 - Several vulnerabilities have been discovered in the chromium web browser.
2f082be534072cb931a5d21f8d4121dcc68f528edc20287c077ccd5b4b1b16ddAnhui Huami Mi Fit Android application versions 4.0.10 and below does not encrypt the connection when it checks for an update.
e185e7156a12339d666b12c950cb9ece3e3e38a8514d9a1395d67f5123e52007
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed