ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.
b2cc9890b72511e54bdc2287292f503dRocket.Chat versions 3.7.1 and below suffers from an email address enumeration vulnerability.
bc01b3651990cf22054b8d0175e1705cLynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
44b26983029929912d5bab53a083f776Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.
5f6ec291becfdbef0390d40207572b2bDovecot versions 2.3.11 through 2.3.11.3 suffer from a denial of service condition related to MIME parsing.
3013935c3e953195b4dad8ab78d9d3ceUbuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1751a770e1cc64cf0203b6e4506c808eUbuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.
441106d86f85ccadec1d3c14e6567734Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.
4cd68750ef2abd5f6b9640ef33177e4fRed Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.
b3bdc25df3f101e501f013f1465ac1d3Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
7fbd2df16ee169fac1041dc6ef729402Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.
0b962451f81cbc4bf034f6bb2fa9aceeH2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.
7ea784920011613c761867cc57ddb434Gitea version 1.7.5 suffers from a remote code execution vulnerability.
6c9b0d3fdae6e3de5cf84344b28d7350The NVIDIA graphics driver suffers from information disclosure and code execution vulnerabilities. Affected builds include 460.79, 460.89, 457.71, 457.30, 457.09, and 456.71.
8740170952bbbe2a3eb445c421cda3cdPaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.
19cfe2a0cf7404b967d5ed60b8a7f072
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed