Debian Linux Security Advisory 4497-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
cee950c7a38acaeb09d9f7015b9d152f8f4ee558e852c5e251edd7491b655338
Ubuntu Security Notice 4093-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
972368dcf6177d5f57f6c9563b2ca592739590e4dce2d1505555c8bf5670da14
Ubuntu Security Notice 4095-1 - Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
73242072359d7bf186617f05dbb4e22278a6357ede250b31c563407ebd584e49
Ubuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
057991c54bda99e36e45617061b5319a3d5749216d070d59b5d605ff61ea7dcc
Red Hat Security Advisory 2019-2471-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. A padding oracle vulnerability has been addressed.
a46f7d2b53bd752084ed25b14868936b2956ed2c38912d31dd0fb687d0d6d2fb
Red Hat Security Advisory 2019-2473-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a null pointer vulnerability.
3e9586dcff2115ac4aac3373f4d99a3aa12a5233be26b31fab34630bd1e82388
NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes provided to the decoder are null terminated. It should use [SGBigUTF8String initWithUTF8Data:] instead.
350595d4b62128692b25160fd0dc54b6e14a6ff528c3e77b5bce0cd7797ace73
msctf in the Text Services Framework suffers from multiple design flaws that can lead to things like UIPI bypass and interfering with processes.
0e5628d9aca7d795d63bbbab493631e98a1f4027dfdef9907adbf02de03caa93
TortoiseSVN version 1.12.1 suffers from a remote code execution vulnerability.
7e7d80f13a763bb28d6179a37710796495582ad72b220cfc0e6f440024a5da17
Ubuntu Security Notice 4070-3 - USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3. Ubuntu 19.04 has been updated to MariaDB 10.3.17. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
3f88c31466a730e3d48fa79563ec3302d4146dff5cf1ca50bf7f8cd5feeef032
Red Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An improper authorization issue was addressed.
534d30174dfb322aaf0fafa9a7a2e1c9ad9cace1cb0ec33d283ab9e63df54fde
Ubuntu Security Notice 4070-2 - USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2805 in MariaDB 10.1. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
7c5f11a0438e494429c8d782493d1b895df3ef682bd7a64a45b247a3b85236a5
AZORult Botnet suffers from a remote SQL injection vulnerability.
469889ddfa69bafe60fe32f98ce19ce8ec74341567256eeb13fbf11ef947b108
Agent Tesla Botnet arbitrary code execution exploit.
529d49ea1f81a720d799b9d75872ba6cfcf6de75e2d0c8f31bd41bb66b8f2285
Steam Windows client local privilege escalation exploit.
89ca2ff3f2c0c57bb797a14d09c01bdea1538a1f9385b2550537aef36572f92d