Red Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.
4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7Red Hat Security Advisory 2020-4391-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
fa5591d87819bf308f377e7976839eb0308369434f2c875830e243f4ee5ae53dUbuntu Security Notice 4552-3 - USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Various other issues were also addressed.
51483cd9b602df9bae06a2d916daa0499320d343ef1be1b1afd3b143c509400aDebian Linux Security Advisory 4769-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks.
e6c5001c6e839fbf6f78b7b8d62d2d143bd2b61990509f9e7883301ff985de3eDebian Linux Security Advisory 4770-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
02a741fbde1a694656e2107162f00407acac8db9011fe8a72c8730fa9b1a952bDebian Linux Security Advisory 4771-1 - Frediano Ziglio discovered multiple buffer overflow vulnerabilities in the QUIC image decoding process of spice, a SPICE protocol client and server library, which could result in denial of service, or possibly, execution of arbitrary code.
a1576ec4b008cf6fd0f7ce8adbf72f46bc2bf85daef60056fcf552fc79297aadDebian Linux Security Advisory 4772-1 - Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution.
46abf040691fa579ed519644fab0546957e697a36931ae920f60979c9e201d25Debian Linux Security Advisory 4773-1 - Two vulnerabilities were discovered in yaws, a high performance HTTP 1.1 webserver written in Erlang.
0c213b73840806d1cb1fe8a49cac06cb5bd45039df5ae7cc8dc5abd7613a84dbDebian Linux Security Advisory 4774-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
4a7683621e889be8263c0eed0407c142799b83815cf38d1f521331435715266aDebian Linux Security Advisory 4775-1 - A directory traversal vulnerability was discovered in python-flask-cors, a Flask extension for handling Cross Origin Resource Sharing (CORS), allowing to access private resources.
8e9c6fbda033db3313524eb8cc59da0f6e3aee7a7fd3aa124e5c31e37da92aadDebian Linux Security Advisory 4776-1 - A security issue was discovered in the MariaDB database server.
c303d654bd40db8682aafd9f26d8cb2740bc2beaf7a376153c1113750c70c6daDebian Linux Security Advisory 4777-1 - Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code.
e07057c51dcb871a6de63e1ea7233729299127657cde7e3493253a5087c34ab0Debian Linux Security Advisory 4778-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
a5d7327d6d27bef49e8e68e45434a16a7f13da01e9dca1109bb9bc3e69c1ddf0Debian Linux Security Advisory 4779-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which could result in denial of service, information disclosure, bypass of access/sandbox restrictions or the acceptance of untrusted certificates.
731b49476c241c261998bff0a7538272dbdfcf0f2dbdba514432e1387a43d49eDebian Linux Security Advisory 4780-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
8b4dadbc6a9dc932f30a3bd1a5683af2fbebb6fa9088460960326437e1f0cdc4Debian Linux Security Advisory 4781-1 - Vaisha Bernard discovered that Blueman, a graphical bluetooth manager performed insufficient validation on a D-Bus interface, which could result in denial of service or privilege escalation.
fca192b68db8419079766f9d06d616f92440e97aeb33c47eec3d8b3cef6d270cDebian Linux Security Advisory 4782-1 - A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.
00759ecb63f3235a7fa183d3722a7f9bd6247c549576c7fdca5738a9f409855aFreeType suffers from a heap buffer overflow vulnerability due to integer truncation in Load_SBit_Png.
3e74cc76bab0b12102b081d5d5527d7a09ac96232ae08096c3cc4702512988b9Red Hat Security Advisory 2020-4384-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
467d98d3dc3e453dab213eac2a788f9c54641adf327662b50e225048b78e03a6Red Hat Security Advisory 2020-4383-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
e3fa177914caddbd671a91d6b248da680b85881080ad1c62d8b0d466e506ead0Red Hat Security Advisory 2020-4283-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
7a511b396227e7c79c224ab43bb0fc1fd0e7cc0f2eb2ea0a8159a187a4a9ad86Red Hat Security Advisory 2020-4381-01 - The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux.
06319d6e786fcdfe626e9df9c43b5eea6831a23ba224550b10bfbb51d9e1501aUbuntu Security Notice 4608-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle.
9b4019ce3ed6eb8dde275c3fce9d925a189d33c1ad19b15beb797f1ebf82276bOracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.
0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed