Ubuntu Security Notice 4944-1 - This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10.
41aad290104a4ba7d10a432cf399f743b4f64da41a74fc726401f05a3988782e
Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.
1091d6e41b67956c338cca57235919b6b66f79f4f40c8226a90085501fdd3499
Customer Relationship Management (CRM) System version 1.0 suffers from a persistent cross site scripting vulnerability.
5d8c013d3ababb02303470e6d0f0ad5948929de7907d9975b2b75b48b5854b78
Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
133233ca2c85b24072c66cdb5a7cf10f1032063a48d5e123817a602377ea650f
Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability.
c6a743b65f42176154a7e3bac0964f42836cd17dcc9caed7c23d86e5c712fbab
MikroTik's RouterOS suffers from multiple memory corruption vulnerabilities. Various versions are affected.
db5d7fa65930b9710b80f0c424d888eade1e18945b75c10be7be6d7c0cc4bcf5
ERPNext versions 12.18.0 and 13.0.0 suffer from reflective and persistent cross site scripting vulnerabilities.
699a6d07a77fc3e81b2deafe5caea2a355ca696143d694138925ef128a29180b
ERPNext versions 12.18.0 and 13.0.0 suffer from an authenticated remote SQL injection vulnerability.
523163a0deb062c88867d1adebaf1f37f29d520b23f43bd038e1cf829c50a149
SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.
cf57e1ea5b94b158d4041349a0500d013dd5f4797be8de63faf32cf9759b8347
Red Hat Security Advisory 2021-1532-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
cc0928aecacd4f75257d1b212857779f7fe134f09ee2bbadde9f2cc482bdcdae
Red Hat Security Advisory 2021-1531-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and out of bounds write vulnerabilities.
342af24d3706d582f6305539e856e3a55e0bebe3466915e1c717cfb30a19713c
Ubuntu Security Notice 4943-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. Various other issues were also addressed.
dd998f8644e72fd98d617b4dba7e225b2de67f8f73e732f634c3bba0ec431eac
Ubuntu Security Notice 4942-1 - A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code.
78af0424a4947676369c5811ad22fdf8717b0c3d6b4572c5553fb4c8c5ad3807
Ubuntu Security Notice 4941-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Various other issues were also addressed.
c7f455564a355f48a5da5d5d7745d51f4f11fe4739a0648ff2f06e273973c777
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
57ded091e8bcdcebb0013fe7ef4a4439827cb169358c7874fd05fa00d813e227
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
c7359a388c829df667432d912d43bbd5c5f917763d20bffe0a998b6b714a8bb6
Mozilla's Firefox 85 for Windows has a weak DACL for domain networks.
08a69b8cf9242eaeeea1530f769b9003a468a4abf7dde3f7e851a23a5711e542