Ubuntu Security Notice 4070-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
959176eb4c94921a33ff6997d4aac27b5b2619ea9f454ce8e1b171e35f9e1b56Apple Security Advisory 2019-7-23-3 - iCloud for Windows 10.6 is now available and addresses code execution and cross site scripting vulnerabilities.
3ba30714719b00baca6259481a4bdfdefef12ce341e50648fc18c3d291519696Tufin SecureChange uses Richfaces version 4.3.5 which suffers from a remote code execution vulnerability.
5f337d6d91cf5f5d0bc240b766525f3cc6b32105aaf6cf34e4c4de7124a9991cApple Security Advisory 2019-7-23-2 - iTunes for Windows 12.9.6 is now available and addresses code execution and cross site scripting vulnerabilities.
5b5d807d64b0dfb0586f4d295e67ecb8f10e14d1218c051ceb6b960ff5372731Apple Security Advisory 2019-7-23-1 - iCloud for Windows 7.13 is now available and addresses code execution and cross site scripting vulnerabilities.
5039fc8df73b1169b6a519048f0e7a714c303fc19b3d39a7aa2f6b757d1abc9cOvidentia version 8.4.3 suffers from a cross site scripting vulnerability.
734799c00c7a895ec1bfc570d83de3f1eccab1b2b66715089278ee5b39f75a57This whitepaper is a technical analysis of BlueKeep with a path for exploitation.
ffdeadc2f367f61101c6ab776714306ed8c3b691ec3ec119b2210036e68722b9Ubuntu Security Notice 4071-1 - It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
bb6be6ae6ab1c6d02ca25c70421ee7d9fb0267f22a1d62dae05ce539135a8dc1Ovidentia version 8.4.3 suffers from a remote SQL injection vulnerability.
f243046f9355d0d590313f785bf796a155aa36652cf7d1ac356ad956d9739e0cRed Hat Security Advisory 2019-1839-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
0a13367a5983baf5fd94b6e99fd1e90d4d62cd0e78706bd0f4e6b11c0feaa972Red Hat Security Advisory 2019-1833-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. This update fixes various bugs and adds enhancements.
983ea931c7621104c1aa972f82be6812018d0337d9de311aa3b376963f662aadFreeBSD Security Advisory - Insufficient validation of environment variables in the telnet client supplied in FreeBSD can lead to stack-based buffer overflows. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client. Inbound telnet sessions to telnetd(8) are not affected by this issue. These buffer overflows may be triggered when connecting to a malicious server, or by an active attacker in the network path between the client and server. Specially crafted TELNET command sequences may cause the execution of arbitrary code with the privileges of the user invoking telnet(1).
a289c2b38135f9f6339c9294178d141344dcea0087e3ea2bfa204b3700f119d5Ubuntu Security Notice 4069-1 - It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.
59868a26f79be380a03153a4ef3d8b3c9a12618231d06c2df1d94cb0bd3be8f3WordPress Hybrid Composer plugin version 1.4.6 suffers from an unauthenticated configuration access vulnerability.
26db1d7c35ee5edb905075e3a14d1d9ddc5e8c47e9ee7f9411211033c28c5549155 bytes small Linux/x86_64 wget Linux enumeration script shellcode.
76049b8c912e7e199162cc07c3a9da9c5df541bbf9d35e76533d43a9e5ad772cMikrotik RouterOS versions prior to 6.44.5 and 6.45.1 suffer from stack and resource exhaustion vulnerabilities.
d3abfc481e4ff650ba817b959c8db1aeed9b4e0a9043efaf38c59c7dd9c780de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed