Chrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.
cbbb7af067da8a18782b6edada6db9b1b563f5bccf566cd7d4b1fd025dae8f61
Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
5fe7c3d7d05a36ab58f67129d65fc13380433a15c95ce07ca0061984054f5ed2
Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7
Apple Security Advisory 2021-09-20-10 - iTunes 12.12 for Windows addresses code execution vulnerabilities.
08f2003d8951f0c201309a7f8087e5aeef94b339affd03af4ae0b1d73e36ee76
Ubuntu Security Notice 5086-1 - Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d2a74f8984e5fde4745aecedd98ea9dfb3d111cb733f58ed437bf13e0649d113
OpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability.
0c41b4f8b44d8bbbada0f821ae499c79622fe446c1143134a57ed92d2b3a4164
Apple Security Advisory 2021-09-20-9 - iTunes U 3.8.3 addresses a code execution vulnerability.
16919b5b479796f5c99801f855bd2c74a6a87624ed2f59e1b37210dd28c1f873
E-Negosyo System version 1.0 suffers from a remote shell upload vulnerability.
d5ce3db7579101a4d8dc1ae965c1799655b8e02395c4450606eb36f1f430b2f4
E-Negosyo System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
230aba72f8107f8555be48d76537b1f6c27a1b36b213bf98f58c7f7c6b9baf2c
Apple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.
79bf45f74bddb8486f12ed4c29b3e71e76e1ff0dc36d435c9b6adc6c23122cc0
e107 CMS version 2.3.0 authenticated remote shell upload exploit.
503caef30c7aa6c3437f98cfc0ba2025433c35ec41208ba247fce01ab84eb4a3
Ubuntu Security Notice 5073-3 - Norbert Slusarek discovered that the CAN broadcast manager protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
54229c6485d89ba4f6823e5d92635e12f16c9f00cf3975395a04c4e81124b2eb
Apple Security Advisory 2021-09-20-7 - macOS Big Sur 11.6 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.
1b7116003ae9324faabf7c874f2002ab9bb8a2edd95f965df9b3b9f451f0674a
Online Reviewer System version 1.0 suffers from a remote shell upload vulnerability.
f68db9af4a81fb00f2eef1c949bb21162e2bcf69ab3a9ba40a5634c740dba9b3
Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
9af482c5f609c49bcc196fd310a95efd28a894a47260f53bda01540c21a0be32
South Gate Inn Online Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
1575339e7ea6afdc09eda6a25883cf1a167e54ab2a1a1104042a8f13bb94d1d2
Apple Security Advisory 2021-09-20-6 - iOS 14.8 and iPadOS 14.8 address code execution, denial of service, integer overflow, and use-after-free vulnerabilities.
b4bb452003d59697e054354295ed98806d13ed94329af6f68cfea0ee37b1afc6
Apple Security Advisory 2021-09-20-5 - Safari 15 addresses code execution vulnerabilities.
8d88ba7ec5a645c4077e2665c419ac11e3b551ad317cefddb6b9e17450344a3e
Apple Security Advisory 2021-09-20-4 - Xcode 13 addresses multiple issues in nginx.
e298f65735c01199cc9782cb84a35d40ade27a44f1619154f005170a70f23d97
Sentry version 8.2.0 suffers from a remote code execution vulnerability.
249a158d8d8fa5fc36aa401e15b178e9c7c839ad3d347fa1790f3273f16a0db9
Filerun version 2021.03.26 authenticated remote code execution exploit.
068ea600088deb054970019b6097e4c59130001835d75ca069250373c45602cd
Ubuntu Security Notice 5071-3 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
63399d9c49059cdc5bb64c4bf9375adf331d0157df9b1c540a9a4d22a0397474
Apple Security Advisory 2021-09-20-3 - tvOS 15 addresses code execution and denial of service vulnerabilities.
f99e4a59e3162074fd25d9c0203298f65b269e400c4ac2bfea4838990ff4d02d
TotalAV version 5.15.69 suffers from an unquoted service path vulnerability.
b4067cdc2ae6c288bb17fdcb1944098805ac09b753348b941b1e2a016ca7d586
Apple Security Advisory 2021-09-20-2 - watchOS 8 addresses code execution and denial of service vulnerabilities.
81cbe9c33ec00646f35a9f6941b76f9f5953d8ccc7315479e363acd9ec1d7b45