Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.
aa2d5d7be90b6f28c281bef6187c775b1dfc2408d2066e1d3ea3a0b1eeca0a0eMicrosoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.
4d40188c13a19d3f86978a4337818897a6919c2d01372f9e540c97358af7ad4aUbuntu Security Notice 4130-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
7fff7817faa93376c1b96a900f5b298f1f50f90a6f9ced8e57e972b104e409beUbuntu Security Notice 4131-1 - It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.
b1da730bd339a96d0a8acbbd785f28028d2b1e9ca68b9d2c08bfd842a4d286cbRed Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.
5f9e06ffb42d649fcd1a5f4909c6f524bed20e4c72252170dc1208e70a2ea784Red Hat Security Advisory 2019-2736-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.
ed6f696b46d484b893365b9eb02aed902d06e93358448c2331acdc0906e2005aRed Hat Security Advisory 2019-2690-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.
62f2fc254bcbb4ff3334d3c63b09d6b2f8f3ffbe305af80392327bbd9510127bRed Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
da9c10b6d6ebd53b140a73576a15531540032de1ba86d3c6aaeb76c4fb7a36e6OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2Red Hat Security Advisory 2019-2732-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Issues addressed include a denial of service vulnerability.
68b9babb0d6d593d224ff1aa563a0aa0839f28595bd13d21b71a639524d4ed7eRed Hat Security Advisory 2019-2731-01 - NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Issues addressed include a denial of service vulnerability.
38c127bb4a2ddf830db3a6463439153f25b5f108bd72c525664a5c8d585bd675Ubuntu Security Notice 4129-1 - Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.
1581f612f00cdbf571020524a4448bbf2fc9aa6d7c264d8667d65ad2ee780ba6Red Hat Security Advisory 2019-2729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.
610ee7c9f39b9a684b2af7c8b4229cccbd8151636e4f5214e7c64bf23b7c35d9Red Hat Security Advisory 2019-2720-01 - The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. Issues addressed include code execution and deserialization vulnerabilities.
0a5eb78e236dcd2da705cf6c4ed6e6ce12ce37d3d0e5e82b5f2f52badf646b29Red Hat Security Advisory 2019-2713-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include buffer overflow and null pointer vulnerabilities.
323c95299f060e9b9f1bd7dae1e3bb73d8320aba0cee30a02bbc3f51a3dee60eRed Hat Security Advisory 2019-2722-01 - The libwmf packages provide a library for reading and converting Windows Metafile Format vector graphics. The library is used by applications such as GIMP and ImageMagick. Multiple double-free vulnerabilities were addressed.
3821e5aaab68555f08824866d7297e42cf16993600f7902fd6e61c0d7b0ff57fRed Hat Security Advisory 2019-2730-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.
14466803f23bea4b8da1ff507c00f5333e7f34713818019ed14181efa127aedeeWON Flexy with firmware version 13.0 suffers from an authentication bypass vulnerability.
76bf027bea193d108094970bd462dd2ebb200858467fc02d58f0a91a682501e5Ubuntu Security Notice 4115-2 - USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. Various other issues were also addressed.
05acda341e120b77b16aad0ba3eb54346f60a3e3997eca4a108689927624648cRed Hat Security Advisory 2019-2661-01 - Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.
2a8e7b8ed2f7cf9f06eef43a8a2bf84b2d3351e30b880aee8e6cecc3b094efd5Red Hat Security Advisory 2019-2662-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.
6fece9cfa8e21396eb29dc690d56ca4aa2cfc555efbd536bfd6c1280e18c70ccUbuntu Security Notice 4120-2 - USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings. Various other issues were also addressed.
7f2e1c446a9d7ea48e0ed1bced15db260e385070ba46130607c02b90e93a3d86
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed