Red Hat Security Advisory 2021-3392-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
e47e4d14b0ae67db04fbc7a20104b0f0cc8692caeb479fc8e354bfa4116f4881Ubuntu Security Notice 5058-1 - It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
d439dc830ff759d365c01af29919212afc94c2f9e8414adca8c017e63f81126fRed Hat Security Advisory 2021-3381-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
64ce0e25045c339f14c4a8015442e0483e1eed693fd40f56c2b86d3191f7fd92Red Hat Security Advisory 2021-3366-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a crlf injection vulnerability.
510340d830e021ea7bc5ad295e4ef03442c4d6577a6b00cde3a476a7d1655aebHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
9020396ff933693e310b479b641e86f1783d9819d60d1d907752ad8d24a60c31Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
be6abeca5ab5b06a17850c69e954e7124d91ecdb5844b75e4df548158cbc9514Red Hat Security Advisory 2021-3363-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
1f8f21e611320f4e79e73a3064cf1dab34e3b8f319ead8c25c286bd61668aeb0Red Hat Security Advisory 2021-3365-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.
78001f6c9639c547e5c02f6d2d0eb6af89b0679a44464bb574d3fe49f62bc0e8Red Hat Security Advisory 2021-3364-01 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include information leakage and privilege escalation vulnerabilities.
8be2838ca9398ff6abce781afdf077560075df20b0847d6a508d16dcc44b1757Ubuntu Security Notice 5057-1 - Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.
fc68e85943f3093a413a6734ddf00fce253b4a9090f9a1fe4c489107c28a5335Ubuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.
70d6543ac9f81870c4535f25be6f6b04322fedfa864ce47348fe2904ac701203Ubuntu Security Notice 5056-1 - It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
5abb082578b725492a47ce38729a9b78f76731afd77f35cb2360e59bf9790be3BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.
49197fb2cfb022676fde90bcac4d9316f667e46b26bff72013da082a88e9e04fBSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an XML tag injection vulnerability.
0c56c88ea69c8de1bff4db2aee1d3ede8a753424e728d03ae82775f025eaea03Red Hat Security Advisory 2021-3327-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
b20ba2534d111110aaf1bd0add4dc3ab65b04821835470cce71af9635bd44116Backdoor.Win32.Hupigon.aejq malware suffers from a traversal vulnerability.
11b3b0952584c5f99c0df4ddd7b8b6e771a3bdab508ca14fadae5640d3a5dc3fBackdoor.Win32.Hupigon.aejq malware suffers from a man-in-the-middle vulnerability.
6515f7b9f9c5399c19813559ecb345dab2ea9b3fe486bd17c53628d2ab6371f3Backdoor.Win32.Hupigon.aejq malware suffers from bypass and code execution vulnerabilities.
948f5f0c7f28c2b0b82dc92a672391a300526cc69a9fd8dc43fa4dfc4f88783aThis is an LLVM based tool to audit Linux kernel module security using both pointer and taint analyses that are flow-sensitive, context-sensitive, and fieldsensitive on kernel drivers. It is port of Dr. Checker.
1fd358d47de323bd7dadfb4148d4c52f11fe6a9eca3e9dbc43431082fd5c62a9Backdoor.Win32.BO2K.11.d malware suffers from a buffer overflow vulnerability.
42598038ae754d2698dc25471a6b3ccc010ee8c61db15312c3865ce62639d9f0Red Hat Security Advisory 2021-3328-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
4f52d608a26aeced8b46022c6a00a641c50b6115116bab7260c93d4977dbab6aRed Hat Security Advisory 2021-3325-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
00047b24e87b3eaf6b4ca496d3d25dd3173b92f455ce2b9b385616a1bf9a6f89Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.
e98b3afb62859d7020a7dd7d9fa1db727066effb6fcaf6be5eb8fbff19874b9dGnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
cc636d6e22a673993d94814c09be469df2ce27a0c66b1cab39bbab1786cf2184Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
fe550981d370abfa0a29671346cc0b038229a9bd90b239eab0f01f12212df618
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed