The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger the vulnerability. On successful exploitation, code is executed within the context of the user who started the AnyDesk GUI.
3a9a77f3da97e3fa3eabb2ff840fb3ea885747038fdb66fcbcb8f64ab38332f4
Red Hat Security Advisory 2020-2817-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a HTTP request smuggling vulnerability.
8532ff6109d76302c144b3361db60c0aa50758a60d06b2d79ebf30dee7c39f74
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
bd89052a5766cce08b1090df49628567e48cdd24bbaa47667c851bac6aaac940
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
799bac2e6f3d6d87c6ff98afc9bb5be9e6dfc175a8fce55552688bf68cfcb34d
EQDKP Plus CMS versions 2.3.29 and below suffer from a cross site scripting vulnerability.
96581e3268698e7949f7963bd55792656b81cc7537416ddc64e37abb905a7742
Ubuntu Security Notice 4409-1 - Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
4924b1a19dd6a621e54d404d4a685266e56a5f2ab5c765d8c6c670cc4f44855b
Red Hat Security Advisory 2020-2816-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 6. Issues addressed include a code execution vulnerability.
37ae1faf530d1b55f569d88661539cc9d8e6dc9ac6c0e7c7785727ff4bd5a343
Ubuntu Security Notice 4408-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. Various other issues were also addressed.
6ca4741ec78669fe449e3105edcdad19b8a5775cdcccfa95a54e6e0651210cf2
Red Hat Security Advisory 2020-2814-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a code execution vulnerability.
502f03d181f164bfaf25712bd57530d9cd65c56ec4a6b9b8f5673ae775f3e570
Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.
1c1d602b8a2a7830043fa2e0ba5fef5fa819bd9b6197bfeb59f173a6993f87e6
Ubuntu Security Notice 4407-1 - It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Various other issues were also addressed.
381823d3f578d2ce7c04ed4ac635ad995451cdf2fecebc4a75523f9889132a63
Red Hat Security Advisory 2020-2799-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
fd07a6bd3b655cfbbe4dfc3cbfac15f701c8670e8eafef1bca994f93593bbda5
Red Hat Security Advisory 2020-2795-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
e9043d6ff8097b17353dd617de418d1713971ad9b6dae3696ed363b36664def9
Red Hat Security Advisory 2020-2796-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.
80a98f897d0125587f947d7e21d187fdf53a7ab0eecebcab70a90ca4d0b97ac0
Red Hat Security Advisory 2020-2798-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.
dc335eda8e8b9827967b99450ea48210135b55c100b7fc2697ea1f19dac97241
Red Hat Security Advisory 2020-2595-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
2dc2027788a2469b52ac06d8c4d6495cafd25c31f8ca4b7ed6e5aeb5002d87e2
Red Hat Security Advisory 2020-2594-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.
35ad6edc32870963614b04e2e20063cf7ef2dccdd8b045a478f367eef522e10c
Red Hat Security Advisory 2020-2592-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include a man-in-the-middle vulnerability.
ecb22dc9704b8ee9c3afe94ec3aabe2bf4b529fec3f11c1b11710f0337d9d2c3
Proof of concept Xcode project that leverages Safari to demonstrate a macOS privacy protections bypass vulnerability.
67c83963ffe24a3a123e62b635d2bf0846d65ed8f00bbaa9ab88e8747cb9895e