what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-07-09

Ubuntu Security Notice USN-4051-2
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-2 - USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 733b6aa2acd3d9fb477fc75c12b7e718
Microsoft Font Subsetting DLL MergeFonts Out Of Bounds Read
Posted Jul 9, 2019
Authored by Google Security Research, mjurczyk

An issue has been discovered where the Microsoft Font Subsetting DLL (fontsub.dll) suffers from a heap-based out-of-bounds read vulnerability in MergeFonts.

tags | exploit
MD5 | dd39b9fd5450a1793c602b5c46899104
Spidermonkey Uninitialized Memory Access
Posted Jul 9, 2019
Authored by saelo, Google Security Research

In Spidermonkey, definite properties are incorrectly computed in some cases, leading to uninitialized memory access when unboxed objects are enabled.

tags | advisory
MD5 | 79fc5823bfa08cae2fcfd2ee4bbcd32c
Red Hat Security Advisory 2019-1712-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1712-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-0739, CVE-2019-0232
MD5 | b873acd280d331eebb5b9a89a00a2f19
Red Hat Security Advisory 2019-1711-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1711-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2018-0739
MD5 | 2a275448735516008619b561fd01c504
Ubuntu Security Notice USN-4053-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4053-1 - It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. It was discovered that GVfs incorrectly handled authentication on its private D-Bus socket. A local attacker could possibly connect to this socket and issue D-Bus calls. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-12447, CVE-2019-12449, CVE-2019-12795
MD5 | 7299d5d25ade3a7cb44bb496e5b0fbc5
Red Hat Security Advisory 2019-1707-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1707-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | 3c3b82256b1a6a3a1bc79ff64d8a7ec2
Red Hat Security Advisory 2019-1708-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1708-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | a125bcefadc690a6bf55abfe64f5810b
Red Hat Security Advisory 2019-1706-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1706-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | bc6ff6198a69065da89a99d9d3ba8607
Red Hat Security Advisory 2019-1705-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1705-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | d4817c8754d0c0874ea2b127ce8d25f2
Ubuntu Security Notice USN-4051-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-1 - Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 23144505a813252b7919bf5f1a86185f
Ubuntu Security Notice USN-4052-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4052-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11476
MD5 | 676f56ff3a2471481b6312ae1fb3db60
Firefox 67.0.4 Denial Of Service
Posted Jul 9, 2019
Authored by Tejas Ajay Naik

Firefox version 67.0.4 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 6428d159c5f24ca3c60a544bdba585ec
Karenderia CMS 5.3 Cross Site Scripting
Posted Jul 9, 2019
Authored by Sisyshell

Karenderia CMS version 5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 85eadd81ead8297ad6186db828f55c09
Razer Chroma SDK Private Key Disclosure
Posted Jul 9, 2019

The Razer Chroma SDK installs with a root certificate that also includes its private key. This flaw impacts Razer Synapse 3 versions 1.0.103.136 build 3.4.0415.04181, and may impact older versions.

tags | advisory, root, info disclosure
MD5 | 87e97b329881cde3f9618ebfb8e669ba
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close