Ubuntu Security Notice 4692-1 - Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. Various other issues were also addressed.
9bed467c26667336b932ddeba1541600754872bc0120a0b322fee2ac338b5d12Red Hat Security Advisory 2021-0114-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.
7380575aa02aabc182467506a2882cf735188d7bf79e56d1a76fa23626b3b193Red Hat Security Advisory 2021-0110-01 - This release of Red Hat Integration - Camel K - Tech-Preview 2 serves as a replacement for tech-preview 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include an XML injection vulnerability.
0072214b8752c91826227c41bc21cb074fffe02b75be65b68b6fa1f4c88b26dcUbuntu Security Notice 4691-1 - Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.
522c33d4bfb2612643e27b3e5307fae4956cb875c0b7d34c19776365676cb382Red Hat Security Advisory 2021-0030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
9b192408ceb808a4dc144a61810c26e5f746032f27e94d444fd2105e971b9596Red Hat Security Advisory 2021-0106-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.1 serves as an update to Red Hat Decision Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
bbdcc017d30440cfcba2abc8f04c029f5e2566c59cfbde27608a6b81045fb0edRed Hat Security Advisory 2021-0105-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.1 serves as an update to Red Hat Process Automation Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
43ccb66d8aa4ca719d5833479d04e7b2a52b58dc06a2d946510669c4304176bfOnline Movie Streaming version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c1c543077b80ab705e658b5b81d57d5c4ca96d224085b4a34ba22a095e3acb02Online Hotel Reservation version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
29174597e03d02922fab98d6db61e9b7316ee6845c167fa785ed34dc739da0a9Ubuntu Security Notice 4690-1 - It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface.
e5a6b608a261733f2ac478eebef781a73d720ced5c66448b8f123eac9fc56328Gentoo Linux Security Advisory 202101-10 - Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. Versions less than 13.38.1 are affected.
11d807e9cd4e114f1e2c4fda7361a73e56a538a84922c07e2278e40be8db2000flatCore CMS versions prior to 2.0.0 build 139 suffer from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
7004bfa666eb6af03dc29eadbe529eafb7fe5a6be9ff5748f6c735dfd6916202Red Hat Security Advisory 2021-0095-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.
6c953744092833a1e4f5d55b9a6f709e3117eecc95580fbdbf3f5d2d13f6705fRed Hat Security Advisory 2021-0094-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.
4ef5433bc12908b3409ddbe3c0aec0291cd91731c74796314220f1b08ed9f9a9Pepperl+Fuchs IO-Link Master Series with system version 1.36 and application version 1.5.28 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities.
c88a68158caf9f8c370f593f1564b9bdfdae8e3ee99f70f86114b5c91c83c7b8Whitepaper called Deep Insight into Social Engineering.
1bed6e836dd7d227a5222043c99f27a70f0462e635d99fdc95fcd8a95a94dc11Gentoo Linux Security Advisory 202101-9 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.12 are affected.
52f1427b6724027c64e1c0a43f6f10cd2738fb5d98601a21cb0095f7a4a9bbe6Red Hat Security Advisory 2021-0096-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.
4e80d001ebbaaf7f8ed5b9ca8029fdce99e1e3032a9cfc42944d226aa6c77f2eFiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack overflow, and additional vulnerabilities. suffers from bypass, cross site scripting, denial of service, and privilege escalation vulnerabilities.
2686e5c761e36bc3dfa888e8cf7225a954dc7af702d0bdccbb3ce7c5c5524e11Red Hat Security Advisory 2021-0087-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
5c86954ccad406d187bf625319d8e0537a7445c7d9caba8d646d9397d3576800Red Hat Security Advisory 2021-0088-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
71b9aa94e5c1595efb92e30d1f41370cf80dff7749f9380d88535b7657150bd5Red Hat Security Advisory 2021-0089-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
6663eda244204bf2080a7653b7473acc0bea376d4cf2ca26b751ad3bffe4c414Red Hat Security Advisory 2021-0084-01 - This release of Red Hat build of Quarkus 1.7.6 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.
18f5fab23675df87d9f8227d5d229f8dfb09639b1ef1c4d4a2834cc62e528559Envira Gallery Lite edition version 1.8.3.2 suffers from a cross site scripting vulnerability.
9dbf149ef3ee66457f73ea7147ed74161ff3ef6881909b863f14b4bf54649b7cBackdoor.Win32.Kurbadur.a malware suffers from a remote stack buffer overflow vulnerability.
6085760566d94f549b1030963e82440b2074d329a4302ca75320cceba37b765a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed