Red Hat Security Advisory 2020-1080-01 - Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Issues addressed include OpenPGP signature spoofing and certificate errors being ignored.
49e3527efd122fe2be90beedad548b8464347109c4a2cefa6f77b1a4439a99e4
Red Hat Security Advisory 2020-1034-01 - Doxygen can generate an online class browser and/or a reference manual from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Issues addressed include a cross-site scripting vulnerability.
2278e6814a47a0b4c553586fbdce7ff713ddd1f87da3ed06b0e806daab70e16a
Red Hat Security Advisory 2020-1021-01 - GNOME is the default desktop environment of Red Hat Enterprise Linux. Issues addressed include a bypass vulnerability.
e79cc42c78c4a62564485ffaf4c8a8f87efa871d62a2690e3f8dfe8167f6fd11
Red Hat Security Advisory 2020-1011-01 - Expat is a C library for parsing XML documents. Issues addressed include a buffer overflow vulnerability.
396fa45f7ff0ec496dac5d1015605f1597fe536d54ca75e4e5238df9fa0c9aeb
Red Hat Security Advisory 2020-1020-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.
e42ea9865f21410f6c7489768bebc2d14c873926310715fb2301e4a04f0ffd37
Red Hat Security Advisory 2020-1003-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. An open redirection vulnerability was addressed.
4b0131611c1856e3cfb41e25c6de321c7435a965ad79574a64bc14b8508014a9
Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.
5270d5021355b80a03bef2fa11d11ec5b8ab02fe18ec0a66da959c57bee345f6
Red Hat Security Advisory 2020-1022-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. An out-of-bounds read vulnerability was addressed.
1af2533b8e22dfe621fc19a7f15a77e11ef9d5cc1a6ad8f0fae4fe5828e080c3
Red Hat Security Advisory 2020-1000-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. A heap-based overflow was addressed.
a05f2d02c4e050654376794065fcd0c944afaa09edf293301111c78112a800ec
Red Hat Security Advisory 2020-1216-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and null pointer vulnerabilities.
7021d08a29d53c69539017e8132d9093b0402844dddc4c702e79590375c6ce75
KandNconcepts Club CMS versions 1.1 and 1.2 suffer from cross-site scripting and remote SQL injection vulnerabilities.
9070d2fd9497a64134d2ff0cc7de35672d08bf049d42764ee9daf8631da56815
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
186c6bfe6ecfba7a5b48c47f8a1673d0f3b0e5ba2e25602dd23b629975da3f35
Microsoft Windows 10 SMB version 3.1.1 SMBGhost local privilege escalation exploit.
6264aca1e467841faf26e69f8666d2ab3b3b4382fd866c93ace48782ed2ba071
DrayTek Vigor2960 version 1.3.1_Beta, Vigor3900 version 1.4.4_Beta, and Vigor300B versions 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta suffer from a remote command execution vulnerability.
da216e7a3bcdc0e7690df8ecec6a4e14c871f9c105b3e89a4e2c3f6a11e45588
FlashFXP version 4.2.0 build 1730 denial of service proof of concept exploit.
7c9be5ce1549e120d252b736596933bacef1869af90adfbb4b4be0fa1a2a3dc1
Grandstream UCM6200 Series CTI Interface versions 1.0.20.20 and below suffer from a remote SQL injection vulnerability.
fcf24eefeddb201c346536166ab265e01a1416b56845436fbce588e35ef4d37b
Grandstream UCM6200 Series WebSocket versions 1.0.20.20 and below suffer from a remote SQL injection vulnerability.
dbde0cbce4402b656e10575e77f62e63150d1c5371532197da758fe2d6e3a6a0