Ubuntu Security Notice 4457-2 - USN-4457-1 fixed a vulnerability in Software. This update provides the corresponding update for Ubuntu 14.04 ESM. Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Various other issues were also addressed.
210db888ba4fe21c96b15e2f09d41c6a07d067950daa904b691681b6c2491b78Red Hat Security Advisory 2020-3463-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.
0c14d9d1385882bd5a37e6b15d58e3228d959d5dba94bc2f0a24d5c7a0c993b8Ubuntu Security Notice 4456-2 - USN-4456-1 fixed several vulnerabilities in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. Various other issues were also addressed.
e612cc59d0086f2fe8392c474296f7b6497aa81939e60409aeee130585a1e2f7Red Hat Security Advisory 2020-3462-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.
6973157605bc35e3abfe1696595d8cda404dee663e0db21bf7c49127c648e070This Metasploit module exploits an authenticated arbitrary command execution vulnerability within the 'server' GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware versions 1.12.13.2 and 1.12.14.5 when the 'type' GET parameter is set to 'ntp'. Successful exploitation results in remote code execution as the root user.
36eafe3001f3ca469ca138d607db2a8d28a3cd271dba916710ce286aa162db48This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.
60488cf10d0bb2c687a49e401984865b951905374c0cf0ff883035fc4a5200b0Samsung Android suffers from a heap buffer overflow vulnerability and other issues in the Skia Qmage image codec.
8278d045827b4eff29f2172dbc3aedcdd9b26834e1eb56fe5b93c3a49113d8f1WordPress Fancybox Lightbox plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
8d6121e9f09870b4f3eed758cd005c003dcc818bd75f43820ed2bdd831f95707Red Hat Security Advisory 2020-3461-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.
803dc4887108040f0c0e03705fc6db2f6d3b3ca679b3891b17621968b8f13e9dXenForo version 2.1.0 Patch 2 suffers from a cross site scripting vulnerability.
dc51a83e717b75116c25528d1b3a8342dafcd2220bbfe77a7e2298e2a0ad11cfWordPress Colorbox Lightbox plugin version 1.1.2 suffers from a persistent cross site scripting vulnerability.
fb60c1a8e2a56a23ed39e403f83e47927f59daec8792c8dc27db2f49c0b77f4aRed Hat Security Advisory 2020-3464-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.
58e9f325219d582ca3f7079eab076728a027afe76f3dda951839b3d131c665d8Red Hat Security Advisory 2020-3456-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a buffer overflow vulnerability.
b5cbc7e5a4222c90d190f878e753641a9faa5cad630e772545d2e9622d2b6744WordPress Responsive Lightbox2 plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
71fe9b51d8dbaeb946e8bc65b2a4e4c6f7c4f20e16428bc43f433bda8c458918Microsoft SharePoint Server 2019 remote code execution exploit.
33a9259466ade83cd4a8990936237df9d30b2dc2ce350148c38d14cf45d8308aBludit version 3.9.2 suffer from an authentication bruteforce mitigation bypass vulnerability.
87cea634a93b6826dcf3d595856b2558aa443aa641240735859083ddbc23b850
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed