Red Hat Security Advisory 2020-4298-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
b21e4b6db18910bfdf465e20ef86844c5bb5f82b4312bf2f74efe50f227b2c78Ubuntu Security Notice 4602-2 - USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
86b1279f5ba83fe76fe52f2395906c7367643ef255456da358314e985b840833Red Hat Security Advisory 2020-4297-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include information leakage, man-in-the-middle, and traversal vulnerabilities.
ad89efbaecf4af121b6a5f9076507a5e419275c9a6fba2dfaf8b66ce8a783eeaRed Hat Security Advisory 2020-4366-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, memory leak, and traversal vulnerabilities.
c691cbaa83066b8d59e5188ddbfb88ab178e4310136cd824c67d6356f9911b5bTDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice.
de62ec165f906395d0e555a9a219f004844be9346868125ffa1401fbec4bb456Ubuntu Security Notice 4583-2 - USN-4583-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.10. It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. Various other issues were also addressed.
953c5ec8c6ea5705d5a7d38c3577d64521e45ed0cd76684e510b5a47bc41b518Ubuntu Security Notice 4605-1 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service.
f4e1c94bc5fad949b633aad9b1d3ff52fc89d9c44561afe0d76705f447f7d736Ubuntu Security Notice 4604-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
4e8037be519a8287b387659c5c9902fec4823fe26a5ed29943ee1901c90ba591Red Hat Security Advisory 2020-4348-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
cdd1e530d317b8fb4a3b2e7e8de2ba6052d56551657fd101ecb4c9a945e12520Red Hat Security Advisory 2020-4350-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
0e27ca91b671e011ab205fb4242f22bfe06b029e8856c37a0a4b5596f7667922Ubuntu Security Notice 4599-2 - USN-4599-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.
0cb7b1c8febb53988764a40fd3798cde7e434f570858b4ba17b00096c4cf59afRed Hat Security Advisory 2020-4352-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
919274ea3f1abe4515aa0d0ca87a4276af971f0ce6de9d80ae446d8052197950Red Hat Security Advisory 2020-4347-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
e915a9b761b4df5a3bdd0a8c14271942adf84d766e33b1c14c4db8b49a8775b8Ubuntu Security Notice 4562-2 - It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code.
c0cf550aa1577dcf4dcad242a2598aa387ec2061b23663dabc55578cc21a0ea4Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload.
a05d1d824f04e21827b1223740bd0ad9159748f8c1c37a84d21f5b2b6b90846cRed Hat Security Advisory 2020-4351-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed include buffer overflow and use-after-free vulnerabilities.
6c3f79c9507d125e620bdeced93e8a67f05ea85ff7669b3253c914b45c3df4a2Red Hat Security Advisory 2020-4349-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
a56ed2ade79f7fe6b15dd418f97cebcf040be469b11b93fb8c868d040ca610e2Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Many of their devices utilize hard-coded and default credentials within its Linux distribution image for Web/Telnet/SSH access. A remote attacker could exploit this vulnerability by logging in using the default credentials for accessing the web interface or gain shell access as root.
6651c1b2c8c8662316e9af78a90dc515c65b90bc8edf4ed4f59b09a54d87193cSphider Search Engine version 1.3.6 remote code execution exploit.
12d453d48a78bb7d7a0b6ff07688be488721af5843b001df66e28674efaec9ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed