Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
ff9691d862154cd608b40dab6c59868e354cda4ce4f0c39b431c7751cdc75415Ubuntu Security Notice 3765-2 - USN-3765-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
4e0f3be81c17eccb811b09f0977fe023a0b78c12dac6aa24244460450774460dUbuntu Security Notice 3765-1 - It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
6e258f8259c823ad99ace2e5dacdc5049329213737fd43379b9c36d75dfc7dd4Apple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
1b6195c1b83a02fbe3028b9f59a131a8da4f145af8b7404d84dce1ccca5cfae6Netis ADSL Router DL4322D RTK version 2.1.1 suffers from a cross site scripting vulnerability.
41f7d279cda6c4c3c7e2f8bb3678b2a064798074a2f4b74e74dd6b71433292f5Oracle VirtualBox Manager version 5.2.18 r124319 suffers from a denial of service vulnerability.
1cc66ee90fe1dd31e535fb066e18a8c05cbc5cb61980077e6e995cac7b3f8111Debian Linux Security Advisory 4295-1 - safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
c79d1d7e9fb136fbbf166f726ce99edf3f14c8afa2258f28a08f0d45b24750edUbuntu Security Notice 3761-3 - USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines, which were partially fixed by USN-3761-2. This update contains the remaining fix. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.
8c650b9d8ce919aff2f38f5ef9e84c1ecb7288b8019a119d2670ebf11068cb99Oracle WebCenter Interaction version 10.3.3 suffers from cross site request forgery, cross site scripting, denial of service, and various other vulnerabilities.
e8d2b51fad559fda6bf7c852698c99631ba4e1611f07883c0529891a9f423866Debian Linux Security Advisory 4294-1 - Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).
45e8cc03f17d1c003d8c0c70b9c56bf113fa26a077c1c2d1be4862854c7547b1XAMPP Control Panel version 3.2.2 suffers from a denial of service vulnerability.
11279e477c61380d58a61cf39382e89f695a6bbd0417558865cc986d0b28498aDebian Linux Security Advisory 4293-1 - Several heap buffer overflows were found in discount, an implementation of the Markdown markup language, that could be triggered witth specially crafted Markdown data and would cause discount to read past the end of internal buffers.
bd1232d56f2934933c0aa0ac630923927877f20f03e67a730fbd2651fbfeaf6cDebian Linux Security Advisory 4273-2 - This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1 (and thus provides SSBD support (needed to address "Spectre v4") and fixes for "Spectre v3a")).
9778d2c46fe7bad752642986b7321defd6ea504ebc24609016abebc7108cb5d9Joomla JCK Editor version 6.4.4 suffers from a remote SQL injection vulnerability.
80abbba89e137b7361a8bd788644738d8c7227253f364a308c192e73282acd66Netis ADSL Router DL43 versions 22D RKS 2.1.1 suffers from a denial of service vulnerability.
c854cec27c50416d8b2bb7777de678d6cbbe2b0cd7f9af93e4284936d520e77c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed