what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-09-11

Microsoft DirectWrite sfac_GetSbitBitmap Out-Of-Bounds Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.

tags | exploit
advisories | CVE-2019-1244
MD5 | d96745246c3f9f8824ca086f22c22c48
Microsoft DirectWrite SplicePixel Invalid Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.

tags | exploit
advisories | CVE-2019-1245
MD5 | ca6efddc5aa545504994721276b7f2dd
Ubuntu Security Notice USN-4130-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4130-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8644, CVE-2019-8669, CVE-2019-8680, CVE-2019-8687
MD5 | 536f40f870fe7dec836bc3426c66a70e
Ubuntu Security Notice USN-4131-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4131-1 - It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13962, CVE-2019-14533, CVE-2019-14777
MD5 | f537331c1e7cd92a12c6a6e97611029f
Red Hat Security Advisory 2019-2741-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-3846, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | 9489ce13236817a5be2175c9cae721fd
Red Hat Security Advisory 2019-2736-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2736-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-9568, CVE-2019-11810
MD5 | a9921f35d5d74a76b6ad38dc1c046ef4
Red Hat Security Advisory 2019-2690-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2690-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11247, CVE-2019-9512, CVE-2019-9514
MD5 | f62a336ad73dad479d2bdde25aa1ffea
Red Hat Security Advisory 2019-2737-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
MD5 | d857fc43423f89c7e92d419b41cce979
OpenSSL Toolkit 1.1.1d
Posted Sep 11, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a fork protection issue. Added a bypass mitigation. Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2019-1547, CVE-2019-1549, CVE-2019-1563
MD5 | 3be209000dbc7e1b95bcdf47980a3baa
Red Hat Security Advisory 2019-2732-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2732-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1301
MD5 | fc1bb7f8ce5c219aff3097824cbbc527
Red Hat Security Advisory 2019-2731-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2731-01 - NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1301
MD5 | 9a0856ecf1a76dabef87b1135d4b59d2
Ubuntu Security Notice USN-4129-1
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4129-1 - Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5481, CVE-2019-5482
MD5 | facfe82ad2150d08af017db77da22425
Red Hat Security Advisory 2019-2729-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11733, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812
MD5 | b94498a8246953dab262a5d114db694e
Red Hat Security Advisory 2019-2720-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2720-01 - The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12384
MD5 | 563e60dcca8c800e06924d8b82b0d6f1
Red Hat Security Advisory 2019-2713-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2713-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18897, CVE-2018-20481, CVE-2018-20551, CVE-2018-20650, CVE-2018-20662, CVE-2019-10871, CVE-2019-12293, CVE-2019-7310, CVE-2019-9200, CVE-2019-9631, CVE-2019-9903, CVE-2019-9959
MD5 | 4d3627716462354744cd1a78c5790288
Red Hat Security Advisory 2019-2722-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2722-01 - The libwmf packages provide a library for reading and converting Windows Metafile Format vector graphics. The library is used by applications such as GIMP and ImageMagick. Multiple double-free vulnerabilities were addressed.

tags | advisory, vulnerability
systems | linux, redhat, windows
advisories | CVE-2019-6978
MD5 | d770b947ff129d4347b75170c531e764
Red Hat Security Advisory 2019-2730-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2730-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-13405, CVE-2018-16871, CVE-2018-16884, CVE-2018-9568, CVE-2019-1125
MD5 | e1a3819582cad06bef70297a2f1f576c
eWON Flexy 13.0 Authentication Bypass
Posted Sep 11, 2019
Authored by Photubias

eWON Flexy with firmware version 13.0 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | d0b98d41fed10c41d04cae17c5d2a676
Ubuntu Security Notice USN-4115-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4115-2 - USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-19985, CVE-2018-20784, CVE-2019-0136, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-3701, CVE-2019-3819, CVE-2019-3900
MD5 | f3c403ca6993818b3a6b46a2dc892b23
Red Hat Security Advisory 2019-2661-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2661-01 - Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
MD5 | 20ae33a1aa1a407092fd38a8be56e82b
Red Hat Security Advisory 2019-2662-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2662-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2019-10355, CVE-2019-10356, CVE-2019-10357
MD5 | 1f788cf8636cd071bab272c40d310c2c
Ubuntu Security Notice USN-4120-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4120-2 - USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
MD5 | 82d8f28d12fffac3503d35d76ab85de6
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    14 Files
  • 20
    Sep 20th
    20 Files
  • 21
    Sep 21st
    3 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close