Ubuntu Security Notice 4885-1 - It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service.
cf9c92c9eb6671be05dc716da1af0aeeec5c587a2c09dfac4f7ddf70476ffa13
Red Hat Security Advisory 2021-0949-01 - Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. Red Hat OpenShift Do openshift/odo-init-image 1.1.3 is a container image that is used as part of the InitContainer setup that provisions odo components.
0f1e14fcd33ae341ac5a449e63f1c5aaf2d67016bb8f8bf52669a3ae8351010d
Red Hat Security Advisory 2021-0948-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.
1cf1c16829abb46d2105ea57b50e4474e4ebb6be1e9ca72559dfce7274efd371
Ubuntu Security Notice 4884-1 - Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service. It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
6489a0321e388e395c9abf2af0d1e25ed8126a432c304b1773a5b533cb22c005
MacPaw Encrypto version 1.0.1 suffers from an unquoted service path vulnerability.
b5d2d4e435e62adf8936f495f49c69e8a6aa8eb98356b07592b0ca5c404d687c
Red Hat Security Advisory 2021-0947-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.
6c8d65bdd6b7609d102c519abd77c3d25ab0ad28f7fe37f9626eb0bc6d093e7a
Trojan-Dropper.Win32.Demp.rft malware suffers from an insecure permissions vulnerability.
1f4f629000e2471575a98a869cc1a0a165e27313c58c7146c8bb1fe6f827bc1a
ProFTPD version 1.3.7a suffers from a denial of service vulnerability.
c0e784a8dfecb916330f571b1f983fd5def5ae69c08468b48e1b027131766f11
Ubuntu Security Notice 4883-1 - Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.
d29d80374cb667f159382aded40ea914c42d0a84ad22af17e1dc69adb813beb8
MyBB version 1.8.25 chain remote command execution exploit that leverages cross site scripting and SQL injection vulnerabilities.
346cb7b2b76354697b6dad56b74d10e2a918ecc58d1255b8e981d570c996ec5a
This whitepaper focuses on explaining the Apache Ghostcat vulnerability and how it can be used to read file contents of all web applications deployed on Tomcat.
dc2b8740104317c36ad79dcb929d334c237272637cf804d3dfc086cec7bb44d1
Whitepaper called Credential Dumping Cheatsheet. It covers locations of data and various tooling you can use to find passwords.
029b308e2946943240e7d06eea765f709be7c1af2173b93f3e636ef0b7313a94
Trojan-Dropper.Win32.Delf.da malware suffers from a buffer overflow vulnerability.
043f924f6806b59b6f22b1995781a0710598c685f901b518f21a0305fa491d30
HEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.
5b3dffe10e3758104f20e7c87d4a72be6b808a64a51d0e89fca8524603481c22
Red Hat Security Advisory 2021-0946-01 - The OpenJDK 8 container images provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 serves as a replacement for the Red Hat build of OpenJDK 8, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
1ca0eec462bce021ce6217308293cf29147d6f3c721340fddcd2b340651e5c87
Red Hat Security Advisory 2021-0945-01 - The OpenJDK 11 container images provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat Build of OpenJDK 11 serves as a replacement for the Red Hat Build of OpenJDK 11, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
dc2a5d2b187f35a2e8a5744d6eeb7327e161e8df9d5c0848c443570959dc72ac
OSAS Traverse Extension 11 suffers from an unquoted service path vulnerability.
d5081a005413b7ff934e790a93aaa7906a70d3ca77ff852d52e8fdde8298e802
WordPress Delightful Downloads Jquery File Tree plugin versions 1.6.6 and below path traversal exploit.
55dc77f809d56b8b5aa14205f75e1428b5c479b4e6d09486ba4219db69b108dd
Trojan-Dropper.Win32.Dycler.vrp malware suffers from an insecure permissions vulnerability.
d419d0a70c54bee34fdf004edffc1f7cb5abcbbe87eb0efa654add780443518f
The call for papers for hardwear.io 2021 is open. It will take place July 9th through the 10th, 2021.
41f2f7a1cc68e7540cb4bf44eafb313d968d9ca6802b1ebeae31737fd6b4c2eb
Zoom versions 5.4.3 (54779.1115) and 5.5.4 (13142.0301) temporarily share other application windows that are not in scope for sharing.
8edd2952731c5406247e59a26f231a47d2274297902c48d382bde6e4e4477b3b
SAPSetup Automatic Workstation Update Service 750 suffers from an unquoted service path vulnerability.
9cb9a475db9e3f4aa0fbcbec3e67d7163a35af29faed63f79768573f94e20917
Winpakpro version 4.8 suffers from multiple unquoted service path vulnerabilities.
4f393064ad089a914e798971df1dbb23b60694589ed0b4b5b8d1cefe8f5b4841