Zurmo version 3.2.6 suffers from a code evaluation vulnerability.
82a1d8cc756528ee8137b7b08e6d5d9e92d3e0c49c41e9b1d641e0595c9b90d8
Ubuntu Security Notice 4072-1 - It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use these vulnerabilities to extract that information. It was discovered that Ansible could load configuration files from the current working directory containing crafted commands. An attacker could run arbitrary code as a result. Various other issues were also addressed.
067d7fa1810947a5a71e4e63c60c2cf15d329e2fb5336677d77831ac4b96d497
Ubuntu Security Notice 4074-1 - It was discovered that the VLC CAF demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted CAF file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that the VLC Matroska demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted MKV file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
93e928953531bb8b7bf488a1acef6c0184de960d3f44e339736aff9fbfce79e5
Red Hat Security Advisory 2019-1851-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include cross site scripting and denial of service vulnerabilities.
00cb28c3b08208132229ebe8054a9b8c4d8f618c66fe74f2f57958cdfda7f4fd
Zurmo version 3.2.6 suffers from reflective cross site scripting vulnerabilities.
272981387eb4c7d4e4980aa8c49a60c1bd14b31aa8ee2ab333760b0df2eacec1
Yahei-PHP Prober version 0.4.7 (speed) suffers from a remote HTML injection vulnerability.
8b1bffb824058dcb7a5c1639547cb117aa34809316b2f941a0b2c3fc01014440
FreeBSD Security Advisory - If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file structure. A local user can exploit the bug to gain root privileges or escape from a jail.
ed0e020ba12b1dc01aa8d83590ac696a40d1fccad60067e1fb8300dfbb889466
Red Hat Security Advisory 2019-1852-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An incomplete fix for CVE-2019-1002101 was addressed.
c2b47e34d49807392fd550c9925a7fcd990d35fc8f3a2292d2097009020812e4
Ubuntu Security Notice 4073-1 - It was discovered that libEBML incorrectly handled certain media files. If a user were tricked into opening a specially crafted media file, libEBML could possibly be made to crash, resulting in a denial of service.
01ea518490e9ca54bcdc4a67a0d42b41cdd557600790f8bdd7f0c9b3fd2c5984
FreeBSD Security Advisory - The pci_xhci_device_doorbell() function does not validate the 'epid' and 'streamid' provided by the guest, leading to an out-of-bounds read. A misbehaving bhyve guest could crash the system or access memory that it should not be able to.
22ddae49f77be04a48b0ef2c715801539b562f34653337c23b52f4f5dfa1668b
FreeBSD Security Advisory - System calls operating on file descriptors obtain a reference to the relevant struct file, which, due to a programming error, was not always put back; this in turn could be used to overflow the counter of the affected struct file. A local user can use this flaw to obtain access to files, directories, sockets, etc. opened by processes owned by other users. If the obtained struct file represents a directory from outside of the user's jail, it can be used to access files outside of the jail. If the user in question is a jailed root, they can obtain root privileges on the host system.
489c8ae54e5e9d5645a9286ff4c958fe29ebf8eb10cfad1509a4f8ce2b45cf9e
Trend Micro Deep Discovery Inspector suffers from a percent encoding IDS bypass vulnerability.
ec40e8e4c37ffcdffc52766b407c3f23886bf51afda9cc17f1e5746fa1ddd54b
Ubuntu Security Notice 4071-2 - USN-4071-1 fixed several vulnerabilities in Patch. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
0b7c4a198db51cde30cce47cc6a0ae95e2c18bd207868b3dc0dab1fbed99adb0
FreeBSD Security Advisory - Due to insufficient initialization of memory copied to userland in the components listed above, small amounts of kernel memory may be disclosed to userland processes. A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kernel memory. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way; for example, a terminal buffer might include a user-entered password.
0e0df08026cdde81c94f8a176b172a71c19e15379445944e64ecdd04b7315690
FreeBSD Security Advisory - The code which handles a close(2) of a descriptor created by posix_openpt(2) fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. The bug permits malicious code to trigger a write-after-free, which may be used to gain root privileges or escape a jail.
c20e2ba9892c896b4cdba0602e7caccb54edd10e2ab74a179baf8dc75414522d