The Horde_Data module version 2.1.4 (and before) present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code, thus achieving remote code execution on the server hosting the web application.
4f53a18b1dcb2a04ca5e0e9ef677195636d3382c8fc8467ec4ad99dcf70a9931
Red Hat Security Advisory 2020-0943-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information. The Samba packages have been upgraded to upstream version 4.10.4, which provides a number of bug fixes and enhancements over the previous version.
271e4ed1417c47864bce4636b7fbd69dec3e8f00fc38cb11abd4401e37c6655a
Red Hat Security Advisory 2020-0942-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides a container runtime. A race condition has been addressed.
a546335cdeeceb6b8804dfd0cbd426affeca451688b0f8359da23b54f2d297f1
FIBARO System Home Center version 5.021 suffers from cross site scripting and remote file inclusion vulnerabilities.
9c5c10c08cb8ee00315f16d3aab6e0a97b68eab7ea458910485e5ff95a150b8b
Red Hat Security Advisory 2020-0939-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.4.0 serves as a replacement for Red Hat AMQ Streams 1.3.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a code execution vulnerability.
99bc63d1d1b7897c5007d7edd2cde6b0584b2ea1fcb8f8b53be733a054867748
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
f48c0b6fe4769ea9f99b0be3525e912c3195af0896ede4f5d2fcbdbd9485a5b5
Joomla HDWPlayer component version 4.2 suffers from a remote SQL injection vulnerability.
1a9d90f77d03d4dd382c5705f1e80c9bc713315b966c1e692f051815afeb773e
Red Hat Security Advisory 2020-0924-01 - The GNU Compiler Collection is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The devtoolset-8-gcc packages provide the Red Hat Developer Toolset version of GCC, as well as related libraries.
e442177f2afb7b6b389586e29aeffddfc02f631fda3659d3b7286d91152384b9
rConfig version 3.9.4 suffers from a search.crud.php remote command injection vulnerability.
46da4988737c90304318720180a381f97a3554b50c1410cead0b35bc43ad5e5d
Red Hat Security Advisory 2020-0914-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Issues addressed include code execution and use-after-free vulnerabilities.
beb85d7ca160735199151f5499918115b209b88e07b683b5ff2dddfb99111ec4
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne version 7.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
c8c1ee404137f5363caa0542ea51c48a1804bca16ce92720b8f67a54bd4e61af
Red Hat Security Advisory 2020-0920-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into your own programs. Issues addressed include a buffer overflow vulnerability.
4425533e395f71e2b6435c15becfd54f596ff77209119274ca4da995d270e7a4
Red Hat Security Advisory 2020-0913-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into your own programs. Issues addressed include a buffer overflow vulnerability.
c47767bce15e8a23c92015236e836866bcb10ed7eae6d0e4b80b5b1e44534832
CyberArk PSMP versions 10.9.1 and below suffer from a policy restriction bypass vulnerability.
ebfba5e41f39d0245a0fdd0e43532ad9fe59237e5f5fcc3961c24f18ee09a690
Red Hat Security Advisory 2020-0912-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed.
1dce0fdf7252e07cb2b9ce83ef01e94b8efc7faade6112fedaf777397699f269
Red Hat Security Advisory 2020-0919-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Issues addressed include code execution and use-after-free vulnerabilities.
03cefeeb5f760e41c4849868221de5ac8b9ce3b2ccab886e96694bfdad60090d
Red Hat Security Advisory 2020-0921-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into your own programs. Issues addressed include a buffer overflow vulnerability.
4a34ab8047831ab281cbda13550cf3cf518d5b6669d2362b2567b73212f10f87
26 bytes small Linux/x86 reboot polymorphic shellcode.
fa0f3f8ad9bda717bb3a92c58de936f8932a7a2db2e9f6502cd29ab55ef3bb75
210 bytes small WinExec add-admin dynamic null-free shellcode.
10713fa81c6b58fcd1c43a985c9e7b83cdaf08f492d771955a5ea71c5bbd68e4
Red Hat Security Advisory 2020-0918-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Issues addressed include code execution and use-after-free vulnerabilities.
e5991ea10e15fcae493ece1c5733f1598bd93cdbd8681511d14c006e74da0a7a
Red Hat Security Advisory 2020-0922-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.6.0 serves as a replacement for Red Hat AMQ Broker 7.5.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.
e28f8c201acac84c857d85538a4cdf5aa62cf4a71c3756bb81586cc2df2e22b0
Google Chrome version 80.0.3987.87 heap-corruption remote denial of service proof of concept exploit.
33d380918ed545365938438944b56a5499f99202cb00215ab3f1dc1cab906675