File Management System version 1.1 suffers from a persistent cross site scripting vulnerability.
57c219d025fd9b68e5d82101af2884fbo2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.
9980d38918579dd6100d181024b4b638Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.
25b8c8457ca8a60d7a3cd815cbaafb53Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.
fb51f3219cdae4ef390670001545f686Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.
e1905dcd1353235ff99a9faf7ed545efUbuntu Security Notice 4413-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
fde79b2524fd2873eced62bd6c5bd6f8Ubuntu Security Notice 4412-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
a481f0961e706d7aae6286d909781dcaUbuntu Security Notice 4411-1 - It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
148b0d020976d401ff4a67db24197a2bUbuntu Security Notice 4414-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
9cc3c3cb5cfa2e48d383169e4cb7fe6cUbuntu Security Notice 4410-1 - A double-free bug was discovered in snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server.
2840a77f614191afbc1634c375e7762cOCS Inventory NG version 2.7 suffers from a remote code execution vulnerability.
11cc526d805b8e3ce99d3b7f7600418dZenTao Pro version 8.8.2 suffers from a remote command injection vulnerability.
e996eb673b8676f42c3bf0da46ce33c4
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed