Namirial SIGNificant SignAnyWhere versions 6.10.60.25434 and 6.10.100.25817 suffer from a persistent cross site scripting vulnerability.
d99d281f793f77347d2add6ed8e295c2Red Hat Security Advisory 2020-3248-01 - This release of Red Hat build of Quarkus 1.3.4 SP1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include XML injection and denial of service vulnerabilities.
71aac395383c0459a06d943febddcce2Red Hat Security Advisory 2020-3241-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Issues addressed include a use-after-free vulnerability.
c6a0d0cf88d99de6b6131f069088ea60Gentoo Linux Security Advisory 202007-60 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.11.0 are affected.
7750724215713d5c4b212ec02403ed8bRed Hat Security Advisory 2020-3233-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Issues addressed include a use-after-free vulnerability.
f4efcb874041e054ad72ac0ef6eaf897Red Hat Security Advisory 2020-3230-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
0c33741e3da2c05299e4f940719eaed8Red Hat Security Advisory 2020-3232-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
a19d432792a487e06a4ad50e7acc6b21Red Hat Security Advisory 2020-3229-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Issues addressed include a use-after-free vulnerability.
33cb829076f23ed4c33d84c010c0a603Red Hat Security Advisory 2020-3226-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
b149a336ebfead5b5a2cbfd8241eb45dRed Hat Security Advisory 2020-3224-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
e3e3f0307b3c23db63c76cb2dfa808cfRed Hat Security Advisory 2020-3228-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
43ccd3fed612b6d1f953063df7896565Red Hat Security Advisory 2020-3227-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
fa976cb619e24d2d351796191c282d01Red Hat Security Advisory 2020-3223-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
d0fc26d05115384086fc4a4065fd2e62Red Hat Security Advisory 2020-3222-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, and use-after-free vulnerabilities.
c02ad005e8a5b5594ac671c959f4f4b3Red Hat Security Advisory 2020-3217-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupdate packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
8fc53efa0fb476b2f33a9f74f3f9198aUbuntu Security Notice 4432-1 - Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. Various other issues were also addressed.
e8c8115375ad07c3a69fd6d3665f7dd3Ubuntu Security Notice 4443-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary code. It was discovered that redirected HTTP requests which are observed or modified through a web extension could bypass existing CORS checks. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information across origins. Various other issues were also addressed.
d80178008eece3baac547d3e0382ff43Red Hat Security Advisory 2020-3216-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
70bea9538d5a1da61e92d2182cd8ad0fRed Hat Security Advisory 2020-3219-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.
42a8597f91f73c73008d78cd37179cc9Red Hat Security Advisory 2020-3218-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
e55504c8c6b69b5f34269d58acda4200Red Hat Security Advisory 2020-3221-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.
3d4992053bcacd974180459984fc5713Red Hat Security Advisory 2020-3220-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.
eb6cb90635a2c7b693c8d36a950c3e46This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.
3aee05fb3bfa3e3eb0452ce7bbf7bdfbTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
7a2f54980ce44aff0cc047fb75751dbaGentoo Linux Security Advisory 202007-59 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.105 are affected.
6412f0c7e312d2c493302d53e3de122e
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed