Ubuntu Security Notice 3871-4 - USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
a11206552fc0cabc9183c5f6c62349248af6aeafede8241f7d11f3a3f97109b7Red Hat Security Advisory 2019-0271-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.
ff905303c6db54649d5fbd7e6c6d3027bf65a74efe6d252c36eae5d30cb0db93Red Hat Security Advisory 2019-0269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.
a790814cd402b889e67c53fc78af31bd83ad8ded1575ebef5d56274bf3221bafRed Hat Security Advisory 2019-0270-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.
ffad4a50b00fb9b83e281fa8bea84e96d405751b5a836bb99de3d9b79acc3c25Red Hat Security Advisory 2019-0265-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage WebAdministration provides a dashboard view which allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS. Issues addressed include open redirection and other vulnerabilities.
9d82018522de2fc347d4ee6b64d2daefaabd198db26dc0e3fcb5e963a8e2768eDebian Linux Security Advisory 4383-1 - Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a library to implement VNC server/client functionalities, which might result in the execution of arbitrary code, denial of service or information disclosure.
15aa8b5caceabb75fc63852264b9817afd4fa46634c3111f68f5a5c122748e09WordPress Ultimate-Member plugin version 2.0.38 suffers from cross site request forgery and remote shell upload vulnerabilities.
432fd3082d6d4049b58a89e70218cd636d63535ac2c70d8cb3b9ab78cd8ea0a1Joomla Jumi component version 3.0.5 suffers from database disclosure and remote SQL injection vulnerabilities.
b058c83f1036b76dc6bf32fd32e1b1ac336d46aed97b3ba67de3945dacb3901aJoomla JoomLeague component version 2.x suffers from database disclosure and remote SQL injection vulnerabilities.
239b411f978b50365ae9dea601b23e3af7815830323560c810521826040b0e7eJoomla Jomres component version 9.16.1 suffers from a remote SQL injection vulnerability.
d3ffd7cb3ceeedc949f8b361d9f36daa5d4fe78a39b64406b3c17fe39d325888Joomla FacileForms component version 1.4.7 suffers from a remote SQL injection vulnerability.
d446890a04eea516cac433a6cee6625ddfcf42607fec62608556cd77cc7162b2Joomla Acajoom component version 5.1.5 suffers from a remote SQL injection vulnerability.
f6f0949331caf10ae9a0b90a466a1bd2118c225383a816f7549999626c2c5d8fJoomla WebMapPlus component version 1.0 suffers from a remote SQL injection vulnerability.
39aa664d6249af5da1b5e2a423d3bd04ce2585963be8e5bc00460dae57ae3ae7Joomla RedShop component version 2.0.0.3 suffers from database disclosure and remote SQL injection vulnerabilities.
aa155de883ef2b47301f6125342016ce8e974eb99f9f2a2d882e9da1bd6cbd82Joomla PhotoMapGallery component version 1.0 suffers from a remote SQL injection vulnerability.
888f2e4fe83ff94f405ab0f7969f3fa352db66abd4350c771f11e6b6011cc8a3Joomla PhocaDownload component version 3.1.7 suffers from database disclosure and remote SQL injection vulnerabilities.
fc9d14ba73683538fef80241a6ea9b352e0498accbf4a6caf61945d0ee179aabJoomla Ninja RSS Syndicator component version 2.0.5 suffers from a remote SQL injection vulnerability.
b3e943cb990d1a33c6e44372540bb2622d215e95bb2a6c83b04c9cde2357db8eJoomla Mailto component version 1.2.2.2 suffers from a remote SQL injection vulnerability.
5ed9c5e07558c6cd956ec04dcb92d6e1aa5d1776bb41934ebb93dfd7b1bb6ca7Joomla K2 component version 2.9.0 suffers from database disclosure and remote SQL injection vulnerabilities.
81eda3764ea43fde5a2aca4b0d3a2622406b1bbb608f2ecd7765a25edfc77b75Joomla DocMan component version 3.3.4 suffers from a remote SQL injection vulnerability.
40efe56cd2f9f86fe514c89d906a2f5a27c5678be4ca2702f122238894fd5318Joomla BF Survey Pro component version 2.13.1 suffers from a remote SQL injection vulnerability.
c482f5c29d9086c666466af7c6ae1a32d14dd344b0328707a33db97ee411d167Joomla ActivityManager component version 5.3 suffers from a remote SQL injection vulnerability.
2b194b5995a8588f78d733321d2ffa6b6b2e173736bdb5f89ee1892956722e56Joomla RSForm component version 1.5 suffers from database disclosure and remote SQL injection vulnerabilities.
d882560a12637951943225a41fcba7384756f7f20994323d08737db732d8bc16Joomla FSF FreeStyle FAQs component version 1.11.18 suffers from database disclosure and remote SQL injection vulnerabilities.
ea00ec9cef15c9981c193b0bf81d1c7f2159bedb1ba261cb8dd837051e81e340Joomla ComProfiler Community Builder component version 2.4.0 suffers from database disclosure and remote SQL injection vulnerabilities.
47f16d4e19571dec0e4ff7151939db5a4cecdb329537ceda8ff986831130e943
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed