Ubuntu Security Notice 4305-1 - Andre Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code.
eea41df398036d852858c12ec2e2fcbca824baa2bdebc0a5112af45e548cb63bRed Hat Security Advisory 2020-0855-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed.
be68db7181741e6b876be62ba34afbba9c6dc3adb7307d389ef4ae6c72cd3147Ubuntu Security Notice 4304-1 - Or Friedman discovered that Ceph incorrectly handled disconnects. A remote authenticated attacker could possibly use this issue to cause Ceph to consume resources, leading to a denial of service.
100bde702bfc989acae5dc500679c13558c135ec24734508bdd851c25c0a8c13Red Hat Security Advisory 2020-0851-01 - The virtualenv tool creates isolated Python environments. The virtualenv tool is a successor to workingenv, and an extension of virtual-python. CRLF injection and credential exposure issues were addressed.
38c01ab80cd3cc1715a3a741bfd74eb78d86995bb02d366abac9285f8009e31eRed Hat Security Advisory 2020-0861-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
5912cad22f0afc43d80ee84e84aa2cfe37aa8ce59818cd00dd1203e1f3f6d01bRed Hat Security Advisory 2020-0860-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
385ed72c129170e7bd47c8e7798856ca9e8dc3465e3225895c6665368d411874Red Hat Security Advisory 2020-0856-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP5. Issues addressed include a deserialization vulnerability.
460e7dcf9a6363d414fca457febc539ef87f083416fa7947b4de1cd770f50dc0Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.
d5aabcc37f389f4b37c32eb0670aa7cae78cecc3b85f91ad44729038f3d14196Red Hat Security Advisory 2020-0831-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
8465bc23fd6f7c54aa40a76e119daadf5ce1f4a3a2c6492429a39f50a9e2735fUbuntu Security Notice 4303-1 - Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information.
19a2aa39cb7b99ed562596869073caa967754294d7dc20d5c7895846993212c9Ubuntu Security Notice 4303-2 - USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Various other issues were also addressed.
6685efdbb34ff65bd6fcb8c9f91ecfd38a0ef75627a42dfb6ec7e3c3e5e386a8Ubuntu Security Notice 4302-1 - Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Gregory Herrero discovered that the fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
3f65e5ffbc3857537bf6869a1491356bedce6b14cb08f5e1b25c6d6d2862ecd3Ubuntu Security Notice 4301-1 - It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Various other issues were also addressed.
269944e1ef0959ae514fa6db160519c225d3852a7f65698a7db6b401b856d3e3Ubuntu Security Notice 4300-1 - It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Various other issues were also addressed.
b468ac55cd20250f22d00466a715a70bdabc3df5373bb1bced4e3cc116c67029The UADMIN Botnet suffers from a remote SQL injection vulnerability.
35635b08afd60010f9771f280f777fa4b13f71fa666e196de3725b875d5e606b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed