The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
5422de00f3ad840d3ddaf47ca01135dd9a83ecda77339b7267b4ed4026c4879cWebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.
e942f161feb7c2ca30eb995ee4e9dcd5afccf820c672b47f99da8302c18074e6Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.
5d7ad910ebcb331b42c05229483f3f723e71af0993c760c2101684d39ad7a00dJira Service Desk Server and Data Center product versions below 3.9.17, 3.10.0 up to 3.16.11, 4.0.0 up to 4.2.6, 4.3.0 up to 4.3.5, 4.4.0 up to 4.4.3, and 4.5.0 up to 4.5.1 are susceptible to a path traversal vulnerability.
7080e92a97a87f926d87df454a396848f9491f786060cbd25b9c83577cc2efa3Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.
0b20e4720adf1f6ea10e606db63013c37e4d431350c204169cb32136beb923e0Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
bf62eae52a9e8701d96b669a2f1dc34dbcad875c47ff666c8f00d6add34b28a7Debian Linux Security Advisory 4561-1 - Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directional characters.
5fccf8379646032d9d2350ccc915e6b5645abbc025cac588a1e2a172f9f3b601Ubuntu Security Notice 4179-1 - Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
a64a3540d6115694264002f126e106dce0143b168f7c9e79d0e8f4245c44fcf5Gentoo Linux Security Advisory 201911-4 - Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Versions less than 1.0.2t are affected.
d0d2808bdb7b5e21d54dc5b11536556321445e4a171cd058a9f69980dbaca635Gentoo Linux Security Advisory 201911-3 - Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code. Versions less than 6.9.3 are affected.
ad8c3a8f3538270fa6278c5d84ad7b774902fd2be0fced00e9669cc6439d6c91Gentoo Linux Security Advisory 201911-2 - A buffer overflow in pump might allow remote attacker to execute arbitrary code. Versions less than or equal to 0.8.24-r4 are affected.
e74b397cbbff9d90abe7ca586c18a093151fd1982553545d961f06ea0c2af15dGentoo Linux Security Advisory 201911-1 - An integer overflow in OpenSSH might allow an attacker to execute arbitrary code. Versions greater than or equal to 8.0_p1-r2 are affected.
115ff5b35f7f50020a10f2f6c2b4113e967c92feaf22dc2a4cfb9bbc7a1269b8Red Hat Security Advisory 2019-3812-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o RPM package for Red Hat OpenShift Container Platform 3.9.102. A credential disclosure issue was addressed.
1877937d9143576c4a341e405f0fd211c15774c574a24986f01ffcd2fd505e55Red Hat Security Advisory 2019-3813-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the mediawiki123 RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include a bypass vulnerability.
947e884a3c1d00dac4f45d6a7e850e417239e1ba98ea54375843401352229ebcRed Hat Security Advisory 2019-3811-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include denial of service and traversal vulnerabilities.
723c4654df1e079c4d0af35656d5bfe62d7462e1e10ac16066f97a336297f61eSolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.
999eaddcb4e8329c989ef5af84103f428227682c7a270f26b8316e92f53b8615Ubuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
f2f51e6f6aff61cabe9f4760ca0601530d7ae684208e4d7b7228314e65a945f5Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.
d418e19ba81cb0adbe7e003d7fa890804d64f4a2cbb72d771a4bdb298fb673cb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed