Ubuntu Security Notice 3996-1 - Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code.
7b9320a5e5a4b7de01fa3fdcf0fb52e7d67debc5a6b5cb03939a66b67a68318dDue to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.
bf19d9111516d40322d38739d39310498750019c2b579269ac24b9a2f7e683b3Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.
95e944e33b6b49156158226e4700374427c35dfaaa04a226bf39cb8debb11f9aDue to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack.
fd53041141c43f3ef168910c3f5306ea1625eb1f860ca0581cc979bff7758f8cRed Hat Security Advisory 2019-1289-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.
295e04ff44625fe2b1afd775f67a1695a4c5c80d13c93f4b05ff3c6cc820a505Ubuntu Security Notice 3997-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin protections, or execute arbitrary code. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
b764bdd9b19cdcfafdbccefdf2eb5c2ed724329c12fa5941a2657ae46e5e37f6Ubuntu Security Notice 3845-2 - USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
03e0f2b0386c71326f3ec2373603df509289258f73ad85d03b0eb3bd88fa9b0eUbuntu Security Notice 3995-2 - USN-3995-1 fixed a vulnerability in keepalived. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
4f93c2c4c34be89ed55ee6d2a814d652253d98f3a1900c1ee4ac0f6b9dd09556Apple Security Advisory 2019-5-28-1 - iTunes for Windows 12.9.5 is now available and addresses code execution vulnerabilities.
a8cf3707208972e2c01ab0be87b5f8b46d4589494882930c1bde0e5d27962e38Apple Security Advisory 2019-5-28-2 - iCloud for Windows 7.12 is now available and addresses code execution vulnerabilities.
7a79e52f2785aa6d771b3218d0126c9cd1cf4aa23fb826e3656bc0117dd41406The Qualcomm Android kernel suffers from a use-after-free vulnerability via an incorrect set_page_dirty() in KGSL.
d1eaf5eaeeac362ce563227b34a9b558decbd017fd35378e6adfac048ff8284fMicrosoft Windows suffers from a deployment service local privilege escalation vulnerability that bypasses the fix for CVE-2019-0841.
caaa2612710f8787fcf3720235ce07701e951b4de14708d2dd49578f5a204107Free SMTP Server version 2.5 denial of service proof of concept exploit.
2849f3a8ffc6d468cc077bf5e6488730c5fd8b2595cf64a3bcd27c0e10c7df75WordPress WPAds plugin version 1.0 suffers from an open redirection vulnerability.
4291a6c8d7d95463d91e19f7103924f208da8f7166bce7ff3d32b3eaa1f737c3WordPress Nya-Comment-DoFollow plugin version 1.0 suffers from an open redirection vulnerability.
e6176a5a85376661135d3c377baab7c52eec225e5a784b2c6b883549d135f226
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed