The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
a0e44b48eda93d22f89c1bb42d02f804WebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.
0bf496eb9a2459aaeda0b426f3ef0edbNextcloud 17 suffers from multiple cross site request forgery vulnerabilities.
b613cc280057db8886536325e5bf276dJira Service Desk Server and Data Center product versions below 3.9.17, 3.10.0 up to 3.16.11, 4.0.0 up to 4.2.6, 4.3.0 up to 4.3.5, 4.4.0 up to 4.4.3, and 4.5.0 up to 4.5.1 are susceptible to a path traversal vulnerability.
0b5fcfe5c5e79daa7fc9013b16f45ff0Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.
fabbbf5ca28fd0f0d55a57bb29f69d80Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
89355d12b17a57544c4036152b14969eDebian Linux Security Advisory 4561-1 - Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directional characters.
ce1d8a43a11a6aafc4ddd0b0df7d4d8fUbuntu Security Notice 4179-1 - Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
5d57502952a2f3da4372071a72fa562bGentoo Linux Security Advisory 201911-4 - Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Versions less than 1.0.2t are affected.
a0cdca0c47e2c6186ebd1d8dcdd89f58Gentoo Linux Security Advisory 201911-3 - Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code. Versions less than 6.9.3 are affected.
0cbaa38bdff1e489f6ec05bd3f81708dGentoo Linux Security Advisory 201911-2 - A buffer overflow in pump might allow remote attacker to execute arbitrary code. Versions less than or equal to 0.8.24-r4 are affected.
d91702648d485cc610d4856d5824b29dGentoo Linux Security Advisory 201911-1 - An integer overflow in OpenSSH might allow an attacker to execute arbitrary code. Versions greater than or equal to 8.0_p1-r2 are affected.
daf63a09def969f6686ddc0012bedee9Red Hat Security Advisory 2019-3812-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o RPM package for Red Hat OpenShift Container Platform 3.9.102. A credential disclosure issue was addressed.
0f6cbcb743d07cddea22dce4b0f197e9Red Hat Security Advisory 2019-3813-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the mediawiki123 RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include a bypass vulnerability.
351c4ffbb69115adfc4b2cf0217bdc84Red Hat Security Advisory 2019-3811-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include denial of service and traversal vulnerabilities.
73c3ece4cc44b7606f4bec76a3205cecSolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.
8d7bc2683cb6f64137f2da91f394f308Ubuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
306c8955c2f273afb8b953e5c146c877Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.
2c5ebf0addb47107e060f7e5c07dad3e
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed