OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
c0a8427de241118dccbf7abc508e4dd53fb75b45e9f386addbadae7ecc092756
Ubuntu Security Notice 5077-1 - Maik Münch and Stephen Roettger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information.
8ceee0393cec4ea564414a8beb7ae5cb9f26c40d07fd0fdcbc65bc35cfb30b0b
Red Hat Security Advisory 2021-3534-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.
c46bdad703dcc26f6f326ad50ed84ba22b6c1eae40ebaaa4f28523e0035a4a75
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host’s physical memory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other vulnerabilities were also addressed.
051e461652f3d7e1d5f1bd5ab2e8d9f2f9a398877fa90de84818f4955d1a2074
DMA Softlab Radius Manager version 4.4.0 chained exploit, written in Go, that exploits session management and cross-site scripting vulnerabilities.
cd1280c0a733c7ae32690915156fcd9e503592c3a27e1b316f1186f9264593bd
Red Hat Security Advisory 2021-3527-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
da4fac932c9c8f1037a515fb223b4f0e0f550ba68ed3c7e876625d2a658df14c
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered, resulting in a crash in the server or potentially remote code execution with the privileges of the running process.
bcece9074fff2d52274f17c6d4979214834ae5a855709f997bd265bfd66f6259
Red Hat Security Advisory 2021-3529-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
9e1f2347d7e91fda5d978e5f2bdeb09b6682e5286d9065736dc5945d549212b1
Red Hat Security Advisory 2021-3516-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes were made to the EAP XP2 code base. Issues addressed include denial of service and traversal vulnerabilities.
864848f192b5e325f0720ddc7aa228f033358f8d6e4a48c850b74f908fb52333
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload.
db3e0721685ee34c318d514cffb76f972c85d297a6080f1d2a9693cb1d01d628
Red Hat Security Advisory 2021-3528-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
63fae7a242bc6445a713fa5eb6665a480e22edea0c12f32f5aaf5a8a3224ce6a
Red Hat Security Advisory 2021-3522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out-of-bounds write and use-after-free vulnerabilities.
278d2ed0c28bf6ba05340a155eedabad14fb059810dc71e27737038d8af09c83
Red Hat Security Advisory 2021-3523-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out-of-bounds write and use-after-free vulnerabilities.
bdb0a589be9a82bc80e26fb172ccb2ff8eb347e0cd4360a09c342425bdded3fb
Facebook ParlAI version 1.0.0 suffers from a deserialization vulnerability that can allow for code execution.
9da634b02b722fa3af05ba67e9c19879fb1f0cd3947fbdb6dd88459cdf7aac56
Purchase Order Management System version 1.0 suffers from a remote shell upload vulnerability.
adbec2ba2a2b77b4a8198e5ede57e1dc118d478d21f0f9e1393f1c542e410439
Active WebCam version 11.5 suffers from an unquoted service path vulnerability.
519c9c46fc0095e44a9bf04b7728357cce3f079549e491411eb144b1eded576c