WebKit has a data race condition in AudioArray::allocate that can lead to out-of-bounds access.
36dd2c73b178e99d96c08d9a812df124956a7cdf27caa906595ed62ecb80f1e9WebRTC suffers from an out-of-bounds memory write in the method RtpFrameReferenceFinder::UpdateLayerInfoH264. This occurs when updating the layer info with the frame marking extension.
06971daf4e8e1b40696e457b7e355f90460b37a0e0308f2559ba4a2fa0af726fChrome suffers from an issue where a data race in AudioArray::Allocate can lead to out-of-bounds access.
40c89fb5d3f2f33337160274195305f3cd381ef1ff99e9b1b31576dd9241fd40When WebRTC processes a packet using FEC, it does not adequately check bounds when zeroing the video timing extension.
157cd64dc55515807088f940f00ae62c6d3ee089d4b0fc465f7fca79aaf47e9anfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
05697456dfaef68143af4f1d66d223ceaa4291f23be158ca69c675be3e925e08Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.
862a28af41503547a97dcc01c1875ab49c70676db9948955cb81cca3132e5fb9Gentoo Linux Security Advisory 202004-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.122 are affected.
d21b43ec81a16c450013b7d29092d8fd7b97ed4ed4f8f25974618d9386f438edRed Hat Security Advisory 2020-1561-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. HTTP request smuggling vulnerabilities were addressed.
321382f48e82e5efce5f3aebe58bc72acf3ace69b733bfef5687079a8919a53dUbuntu Security Notice 4338-1 - Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
366ab724729685674243f15f24754dc0fe18543a9c548d97aeb2a0145ddd4524This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter which allows a malicious actor to load arbitrary file path.
235cfaea63888533e4913051ad738896e2564cdbfb458391c3f2c2d2c0432e38Gentoo Linux Security Advisory 202004-11 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.7.0 are affected.
56769140d3745c7fa75b078705e9f9388804f80045f7d7e2f2e6319e05b03d5fComplaint Management System version 4.2 suffers from a cross site request forgery vulnerability.
564e5e716ea200928cd5a5fdeb5952c179b2801fa03c8a82f871cf97dd0deb3fComplaint Management System version 4.2 suffers a remote SQL injection vulnerability that allows for authentication bypass.
e8e6f7105defc4efa97b7a2f1b0ed3e556f7592a0a7a14e09ca2fad57e5f5970Gentoo Linux Security Advisory 202004-10 - Multiple vulnerabilities were found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1g are affected.
cfc7883a72f8c1a583810a4b13173d4ababf1b9c76a9e8e974ff8e85bc52af2eAMD Radeon DirectX 11 Driver version 8.17.10.0871 suffers from a memory corruption vulnerability.
0de14ea2d6e635df7244593dd7f398331162c4971243f548ce644e988a64bdf7Ubuntu Security Notice 4337-1 - It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. It was discovered that OpenJDK incorrectly handled class descriptors and catching exceptions during object stream deserialization. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted serialized input. Various other issues were also addressed.
012f3d986c12a3ea3be5b18918122d523fa812f720b057164de376abbf9fd1a1Complaint Management System version 4.2 suffers from a persistent cross site scripting vulnerability.
11a2acb324d92bb8f5fbcd969c42247542b44687c74ea334d95df11ea44fd8dcUser Management System version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a50a661cf085bc9fa8e3e516658b8bea5e7e60f39233e20cbce96d6cddfa1d4dRed Hat Security Advisory 2020-1545-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue was resolved where /etc/passwd was given incorrect privileges.
872a47f8349f6890ebb28e1e3af1534542d1e0a335f49a9faafbd7b193f5b0f1Red Hat Security Advisory 2020-1449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A local file overwrite vulnerability was addressed.
6961288947125aa8f7b8a69421233d0e7810c47719260ee3a537fe1a1cda8671User Management System version 2.0 suffers from a persistent cross site scripting vulnerability.
f51d19d1447f0566a48f9c13d1dd3b32e124bd3d1497ca12929cf00aaa1a8f32
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed