Debian Linux Security Advisory 4378-1 - Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code.
7e4ef23ca8470300ddac7bad2d8bad6f040e2ce16dd0123ba1e84084b83ec707
Collabtive version 3.1 suffers from a cross-site scripting vulnerability.
4d370919d2dc68d89e9caf884e0d5027e621e5f200b392c0cd0da81192040d8b
Ubuntu Security Notice 3873-1 - It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
908ced99153ecc61b1eb36e454bae54f8f456af9c212d3462a5914e555707a01
Slackware Security Advisory - New mozilla-firefox packages are available for 14.2 and -current to fix security issues.
0dc46838181933d0acf6584efd3c550dc477786a036a5f01afbe5a0646e30a11
Debian Linux Security Advisory 4375-1 - Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
2fefc99471bde1e9874b533008268cea08d397a084f2b10977898a4ddcdaa27b
Red Hat Security Advisory 2019-0162-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a buffer overflow vulnerability.
f409c98c717375dafb0f5899dab9be5df0498199876c46e4fdb25e0e29b210f6
Advanced File Manager version 3.4.1 denial of service proof of concept exploit.
06bcec45a64aface44b596cbdbcc42cf51f6828f9dcde9c73903181de12ecb4b
Debian Linux Security Advisory 4376-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.
aa608a46cb7069b1ff2ed601cef955aeebb1370b446e65de5ed222f4081cef46
IP-Tools version 2.50 denial of service SEH overwrite proof of concept exploit.
7ca0cbe253092a4b7cff06d4a31db324e06f149232507ee4b078d6c5ce4e8bad
Debian Linux Security Advisory 4377-1 - The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands.
94d852fddd0d7de255869f71aa353a2bf3c2963c61f4197cc965bee4345d3540
Necrosoft DIG version 0.4 denial of service SEH overwrite proof of concept exploit.
6f012ee826d0db45c8a89dacbc62fbffb5b110f8bb0fb353c54e6731787b493f
Red Hat Security Advisory 2019-0218-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.
e1083e90b00e53fb904a7a9b0aafddd2e035ae690e0afb0b33aaa23f1cf575b1
Red Hat Security Advisory 2019-0219-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.
67efee2b070ca8e8c0dbedafdf0e19716ce73ee0a80eac4e0f5ae2bd1cd40a75
95 bytes small Microsoft Windows x86 msiexec.exe download and execute shellcode.
6b242d4fe14ed187719c21da47d8aa29557d36d6ce464f8bbb53dadfed230099
10-Strike Network Inventory Explorer version 8.54 local buffer overflow SEH exploit with DEP bypass.
57a8b94c1deeb8a9d66fc63b1774279eb6d8fa3ad6194ce941a3e36118d9a49c
Rukovoditel Project Management CRM version 2.4.1 suffers from a remote SQL injection vulnerability.
6d7751a33ef85f53e1ac551975f3aa02648f64afaf8cceaf87cd4bb94183639a
iOS and macOS suffer from an if_ports_used_update_wakeuuid() 16-byte uninitialized kernel stack disclosure vulnerability.
bdfda9bc65d52d6ed0d3984c8d4faf09c2f19226fdea8d12eea56e1cf1534dd7
PDF Signer version 3.0 suffers from a server-side template injection vulnerability that can help lead to remote command execution due to improper cookie handling and cross-site request forgery issues.
48355218009f7f221d0640359c0a8692f90c981c4c7fa330a4cb1f8d083ab816
Red Hat Security Advisory 2019-0194-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a crash related vulnerability.
ae67071105aaf1bdf88ec44bdc6f486f301f9d17ccf4669bb01648d3e0b0d157
Red Hat Security Advisory 2019-0188-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
95543b404311a724e4d4ae3a28dbef2e0c45febdf31c925aa85f1e48fa304ead
Red Hat Security Advisory 2019-0163-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
67bea05cdf56e6c44d7f698e4059a01ff4fe8c273c037c1f15ba734adc98234f
Red Hat Security Advisory 2019-0201-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a memory leak vulnerability.
850add0778d93ddf380dd47cb0d948b7e9aaf8c2a1e05dd1f3eb6693c18ff086
Red Hat Security Advisory 2019-0204-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.
6fcd5d14a723cf02465650b3333098f9f2c57140c8be2ebe89550de8bb349677
Red Hat Security Advisory 2019-0202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
e466d9e8d46a7fbdf7a04ff70339a8429fecbdce61463fd8ca56e052605ddbd5
MiniUPnPd versions 2.1 and below suffer from an out-of-bounds read vulnerability.
2aaa71d09817976536dfc7a03db1bc67d6ef7fb15b152cb8ac3c8251862a3b07