what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-09-11

Microsoft DirectWrite sfac_GetSbitBitmap Out-Of-Bounds Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.

tags | exploit
advisories | CVE-2019-1244
SHA-256 | aa2d5d7be90b6f28c281bef6187c775b1dfc2408d2066e1d3ea3a0b1eeca0a0e
Microsoft DirectWrite SplicePixel Invalid Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.

tags | exploit
advisories | CVE-2019-1245
SHA-256 | 4d40188c13a19d3f86978a4337818897a6919c2d01372f9e540c97358af7ad4a
Ubuntu Security Notice USN-4130-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4130-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8644, CVE-2019-8669, CVE-2019-8680, CVE-2019-8687
SHA-256 | 7fff7817faa93376c1b96a900f5b298f1f50f90a6f9ced8e57e972b104e409be
Ubuntu Security Notice USN-4131-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4131-1 - It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13962, CVE-2019-14533, CVE-2019-14777
SHA-256 | b1da730bd339a96d0a8acbbd785f28028d2b1e9ca68b9d2c08bfd842a4d286cb
Red Hat Security Advisory 2019-2741-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-3846, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
SHA-256 | 5f9e06ffb42d649fcd1a5f4909c6f524bed20e4c72252170dc1208e70a2ea784
Red Hat Security Advisory 2019-2736-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2736-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-9568, CVE-2019-11810
SHA-256 | ed6f696b46d484b893365b9eb02aed902d06e93358448c2331acdc0906e2005a
Red Hat Security Advisory 2019-2690-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2690-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11247, CVE-2019-9512, CVE-2019-9514
SHA-256 | 62f2fc254bcbb4ff3334d3c63b09d6b2f8f3ffbe305af80392327bbd9510127b
Red Hat Security Advisory 2019-2737-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
SHA-256 | da9c10b6d6ebd53b140a73576a15531540032de1ba86d3c6aaeb76c4fb7a36e6
OpenSSL Toolkit 1.1.1d
Posted Sep 11, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a fork protection issue. Added a bypass mitigation. Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2019-1547, CVE-2019-1549, CVE-2019-1552, CVE-2019-1563
SHA-256 | 1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
Red Hat Security Advisory 2019-2732-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2732-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1301
SHA-256 | 68b9babb0d6d593d224ff1aa563a0aa0839f28595bd13d21b71a639524d4ed7e
Red Hat Security Advisory 2019-2731-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2731-01 - NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1301
SHA-256 | 38c127bb4a2ddf830db3a6463439153f25b5f108bd72c525664a5c8d585bd675
Ubuntu Security Notice USN-4129-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4129-1 - Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5481, CVE-2019-5482
SHA-256 | 1581f612f00cdbf571020524a4448bbf2fc9aa6d7c264d8667d65ad2ee780ba6
Red Hat Security Advisory 2019-2729-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11733, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812
SHA-256 | 610ee7c9f39b9a684b2af7c8b4229cccbd8151636e4f5214e7c64bf23b7c35d9
Red Hat Security Advisory 2019-2720-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2720-01 - The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12384
SHA-256 | 0a5eb78e236dcd2da705cf6c4ed6e6ce12ce37d3d0e5e82b5f2f52badf646b29
Red Hat Security Advisory 2019-2713-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2713-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18897, CVE-2018-20481, CVE-2018-20551, CVE-2018-20650, CVE-2018-20662, CVE-2019-10871, CVE-2019-12293, CVE-2019-7310, CVE-2019-9200, CVE-2019-9631, CVE-2019-9903, CVE-2019-9959
SHA-256 | 323c95299f060e9b9f1bd7dae1e3bb73d8320aba0cee30a02bbc3f51a3dee60e
Red Hat Security Advisory 2019-2722-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2722-01 - The libwmf packages provide a library for reading and converting Windows Metafile Format vector graphics. The library is used by applications such as GIMP and ImageMagick. Multiple double-free vulnerabilities were addressed.

tags | advisory, vulnerability
systems | linux, redhat, windows
advisories | CVE-2019-6978
SHA-256 | 3821e5aaab68555f08824866d7297e42cf16993600f7902fd6e61c0d7b0ff57f
Red Hat Security Advisory 2019-2730-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2730-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-13405, CVE-2018-16871, CVE-2018-16884, CVE-2018-9568, CVE-2019-1125
SHA-256 | 14466803f23bea4b8da1ff507c00f5333e7f34713818019ed14181efa127aede
eWON Flexy 13.0 Authentication Bypass
Posted Sep 11, 2019
Authored by Photubias

eWON Flexy with firmware version 13.0 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 76bf027bea193d108094970bd462dd2ebb200858467fc02d58f0a91a682501e5
Ubuntu Security Notice USN-4115-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4115-2 - USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-19985, CVE-2018-20784, CVE-2019-0136, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-3701, CVE-2019-3819, CVE-2019-3900
SHA-256 | 05acda341e120b77b16aad0ba3eb54346f60a3e3997eca4a108689927624648c
Red Hat Security Advisory 2019-2661-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2661-01 - Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
SHA-256 | 2a8e7b8ed2f7cf9f06eef43a8a2bf84b2d3351e30b880aee8e6cecc3b094efd5
Red Hat Security Advisory 2019-2662-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2662-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2019-10355, CVE-2019-10356, CVE-2019-10357
SHA-256 | 6fece9cfa8e21396eb29dc690d56ca4aa2cfc555efbd536bfd6c1280e18c70cc
Ubuntu Security Notice USN-4120-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4120-2 - USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | 7f2e1c446a9d7ea48e0ed1bced15db260e385070ba46130607c02b90e93a3d86
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close