Red Hat Security Advisory 2019-0415-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a race condition vulnerability.
21480fe02116b1998f4a25a82c619e388937930d0a494affab02c1646b7ebe5bRed Hat Security Advisory 2019-0420-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include an auth hijacking vulnerability.
9d215922debd8fb7cdfec01420ddbc6e0b621cb31a7eaaea23b02be171fb8e8dDomainMOD version 4.11.01 suffers from a cross site scripting vulnerability in the custom domains fields page.
b7f2bf6a2c81c5c51b98752fce5e1a6eef8695a29d0c56a434778c0e32ac0dd745 bytes small Linux/x86 XOR encoder and decoder shellcode tool.
53cc6383c1503adc9fee0b000a25b33ee5a694c3e686d5c465a656763c1d5585vBulletin version 4.2.0 with ChangUonDyU Chatbox plugin version 3.6.0 suffers from cross site scripting vulnerabilities.
bb1231371b917c4f9e749a0a46ebf3e8059e33f4abd5c0f9cd3a8c41f8b16d9aUbuntu Security Notice 3894-1 - It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials.
a20948c7dee901d679f7307e7614b3e46af63d7076b753513dd72f2fc7cac6faRed Hat Security Advisory 2019-0408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a file descriptor handling issue in runc.
f242eb1bc1a662c6c05d8031be82a78052768334224c021465f22ec8423fba33SQLiteManager versions 1.2.0 and 1.2.4 suffer from a remote blind SQL injection vulnerability.
f05d89a50e34425c7eaf33707af3151232c78c66c9d035d35ba381c9d994a25eUbuntu Security Notice 3866-3 - USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.
d69d2295984ccb007c24c8b395ba6bff41749e2b0e745bf4389a35e822f816efOpenSSL Security Advisory 20190226 - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data.
7b85f385cb07ba1c0a0620e5de69b40ca553365965e5ac92f646e4272b637156The SVG nanosvg library suffers from a denial of service vulnerability due to a memory corruption bug.
7121b6e7ae15be24c467211cf5138837d1daec8f142753d900feb0b312c45854DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in registrar-account.php.
fb3c13ee5af93f58179b2e96839a21d0698d43b4060a3967b40103aa4ebee593DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in the custom SSL fields add.php.
05977e11b73c2833fdaaa501773507091579ef308f50b23ef32bf547ae473766DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in the Owner name field of account-owner.php.
8c6b6d9c8b5f3e4f493937dfa8e671e080e63b3584701e1afadc6cba200d3bd8DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in DisplayName.
cb91c00941125ee2f7193c04c0e240436467bcbf4a2b525960e7bf0a33a4ec57DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in registrar-accounts.php.
5453682baf4f30abc0308fc88b1bc6db6d1e94273321de2a9f1434671de78292DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in ssl-provider-name.
443161783c25f17c28f2be48b93c707ae727e8621f6a955693c68bfe15ff19beDomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in ssl-accounts.php.
f543434e1aa6b15eb87c0fde3885510f0c1215590995a0b0d40b982532fedb84DomainMOD versions 4.11.01 and below suffer from a cross site scripting vulnerability in category.php.
76e673fe1daced79a431afe37ce643bb15c42edfa5b1d651403002d181e6ab24Simple Online Hotel Reservation System suffers from bypass and remote SQL injection vulnerabilities.
92532338eb50a34e5cd0249a6061d933aee559640ce2b33fd389d8c6ac0686a6Researchers from Ruhr-University Bochum in Germany have broken digital signatures on PDFs and managed to create fake signatures on 21 of 22 viewer apps and five out of the seven online PDF digital signing services. This archive contains both whitepapers produced by the university.
88efe7b286cbc56d82c5c5093004db6c1d519f7e41fd7cd34e4b3af7a7a513a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed