Ubuntu Security Notice 3871-4 - USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
a11206552fc0cabc9183c5f6c62349248af6aeafede8241f7d11f3a3f97109b7
Red Hat Security Advisory 2019-0271-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.
ff905303c6db54649d5fbd7e6c6d3027bf65a74efe6d252c36eae5d30cb0db93
Red Hat Security Advisory 2019-0269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.
a790814cd402b889e67c53fc78af31bd83ad8ded1575ebef5d56274bf3221baf
Red Hat Security Advisory 2019-0270-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.
ffad4a50b00fb9b83e281fa8bea84e96d405751b5a836bb99de3d9b79acc3c25
Red Hat Security Advisory 2019-0265-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage WebAdministration provides a dashboard view which allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS. Issues addressed include open redirection and other vulnerabilities.
9d82018522de2fc347d4ee6b64d2daefaabd198db26dc0e3fcb5e963a8e2768e
Debian Linux Security Advisory 4383-1 - Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a library to implement VNC server/client functionalities, which might result in the execution of arbitrary code, denial of service or information disclosure.
15aa8b5caceabb75fc63852264b9817afd4fa46634c3111f68f5a5c122748e09
WordPress Ultimate-Member plugin version 2.0.38 suffers from cross site request forgery and remote shell upload vulnerabilities.
432fd3082d6d4049b58a89e70218cd636d63535ac2c70d8cb3b9ab78cd8ea0a1
Joomla Jumi component version 3.0.5 suffers from database disclosure and remote SQL injection vulnerabilities.
b058c83f1036b76dc6bf32fd32e1b1ac336d46aed97b3ba67de3945dacb3901a
Joomla JoomLeague component version 2.x suffers from database disclosure and remote SQL injection vulnerabilities.
239b411f978b50365ae9dea601b23e3af7815830323560c810521826040b0e7e
Joomla Jomres component version 9.16.1 suffers from a remote SQL injection vulnerability.
d3ffd7cb3ceeedc949f8b361d9f36daa5d4fe78a39b64406b3c17fe39d325888
Joomla FacileForms component version 1.4.7 suffers from a remote SQL injection vulnerability.
d446890a04eea516cac433a6cee6625ddfcf42607fec62608556cd77cc7162b2
Joomla Acajoom component version 5.1.5 suffers from a remote SQL injection vulnerability.
f6f0949331caf10ae9a0b90a466a1bd2118c225383a816f7549999626c2c5d8f
Joomla WebMapPlus component version 1.0 suffers from a remote SQL injection vulnerability.
39aa664d6249af5da1b5e2a423d3bd04ce2585963be8e5bc00460dae57ae3ae7
Joomla RedShop component version 2.0.0.3 suffers from database disclosure and remote SQL injection vulnerabilities.
aa155de883ef2b47301f6125342016ce8e974eb99f9f2a2d882e9da1bd6cbd82
Joomla PhotoMapGallery component version 1.0 suffers from a remote SQL injection vulnerability.
888f2e4fe83ff94f405ab0f7969f3fa352db66abd4350c771f11e6b6011cc8a3
Joomla PhocaDownload component version 3.1.7 suffers from database disclosure and remote SQL injection vulnerabilities.
fc9d14ba73683538fef80241a6ea9b352e0498accbf4a6caf61945d0ee179aab
Joomla Ninja RSS Syndicator component version 2.0.5 suffers from a remote SQL injection vulnerability.
b3e943cb990d1a33c6e44372540bb2622d215e95bb2a6c83b04c9cde2357db8e
Joomla Mailto component version 1.2.2.2 suffers from a remote SQL injection vulnerability.
5ed9c5e07558c6cd956ec04dcb92d6e1aa5d1776bb41934ebb93dfd7b1bb6ca7
Joomla K2 component version 2.9.0 suffers from database disclosure and remote SQL injection vulnerabilities.
81eda3764ea43fde5a2aca4b0d3a2622406b1bbb608f2ecd7765a25edfc77b75
Joomla DocMan component version 3.3.4 suffers from a remote SQL injection vulnerability.
40efe56cd2f9f86fe514c89d906a2f5a27c5678be4ca2702f122238894fd5318
Joomla BF Survey Pro component version 2.13.1 suffers from a remote SQL injection vulnerability.
c482f5c29d9086c666466af7c6ae1a32d14dd344b0328707a33db97ee411d167
Joomla ActivityManager component version 5.3 suffers from a remote SQL injection vulnerability.
2b194b5995a8588f78d733321d2ffa6b6b2e173736bdb5f89ee1892956722e56
Joomla RSForm component version 1.5 suffers from database disclosure and remote SQL injection vulnerabilities.
d882560a12637951943225a41fcba7384756f7f20994323d08737db732d8bc16
Joomla FSF FreeStyle FAQs component version 1.11.18 suffers from database disclosure and remote SQL injection vulnerabilities.
ea00ec9cef15c9981c193b0bf81d1c7f2159bedb1ba261cb8dd837051e81e340
Joomla ComProfiler Community Builder component version 2.4.0 suffers from database disclosure and remote SQL injection vulnerabilities.
47f16d4e19571dec0e4ff7151939db5a4cecdb329537ceda8ff986831130e943