Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.
13242e827b1f0a3ff93c57d1a71e5f493fc85117660e0d5e79eebecfaf18ab70Gentoo Linux Security Advisory 201908-13 - Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in the arbitrary execution of code. Versions less than 6.2.5.2 are affected.
8f091f7544a0f105ddae541f4832675af1ebbd257efb5837882ad961754f78adGentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.
9c1b71d78a94d040a45e2a38d652fada76b7a84a057a50826157ff452c810ac7Gentoo Linux Security Advisory 201908-11 - Multiple vulnerabilities have been found in libarchive, the worst of which could result in the arbitrary execution of code. Versions less than 3.3.3 are affected.
e0bd3ea7b7edcdb24d043dbac468778fc34e4737ee64922412ca5c16acd4087fRed Hat Security Advisory 2019-2505-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.
4834e9f0cab4a596b4f82c32a8052d425f6d9f6012fe0735cc713d5a7c11fb05Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
544427667509a091f6d7efe745438ad65a9a17d6c0bfcf266fd3e755022d8081Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.
f46d17c954f6e94d032c69f8511236395dead5379f423b21f856132b36934f44Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.
e29f02948fd332ebe7380f90073aaba9ef4f2e354110987119fdb6b3fe07c0e4Gentoo Linux Security Advisory 201908-10 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202:1.8 are affected.
92eaf04612298402d520565d158aa4cdf0610a9748c3117d082bf3e1de650ebcRed Hat Security Advisory 2019-2503-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site request forgery vulnerability.
f012531b1f32448bfdd5aa2590a61478d680886552a677c76a300f1e28deabbbMicrosoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.
9840199e16c8736422d5492c789d03b84c0e50af20ddc637d17924f826b4c265The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
b7462443e93a2f335edb0fa0cb618f1ca09b68a645524a4da907045e4cbecac9Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.
ee99bdb3d2d2a70010bf2a086b44062bad866bcffaebcb151253aa34f15fa2e0Adobe Acrobat CoolType (AFDKO) suffers from a memory corruption vulnerability in the handling of Type 1 font load/store operators.
fffe2236225f9e4d3de8ed6ad23bf638c3e2c3dd9c3515264d5d9e52c22749eaThe Call For Papers has been announced for REVULN 19Q4, an international cyber-security conference taking place December 11th and 12th, 2019 in Hong Kong at the Best Western Plus Hotel Hong Kong.
58756d13e8c5f3bb7fac9a0a86dbf56e940f233ba2c696c8f74c182205d4831fGentoo Linux Security Advisory 201908-9 - Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Versions less than 3.28.0 are affected.
6e8bafc85badfcbe11ee46868cd222db448d85b186e1ed5b588e49fb24867767Gentoo Linux Security Advisory 201908-8 - Multiple vulnerabilities have been found in CUPS, the worst of which could result in the arbitrary execution of code. Versions less than 2.2.8 are affected.
55f806f8d175858ec36ed5739e331f1d79b4fb0e3d73c0b0a52423f13c2a5e81Gentoo Linux Security Advisory 201908-7 - A vulnerability has been found in KDE KConfig that could allow a remote attacker to execute arbitrary code. Versions less than 5.60.0-r1 are affected.
756b1d5aebf9181f115da61fc0570235d2b4b76cbc6323f489ba8caf46b8d6c0Red Hat Security Advisory 2019-2499-01 - The ovirt-engine-metrics package is used to collect and enrich metrics and logs from the Red Hat Virtualization Manager, hosts, and virtual machines. It includes Ansible scripts that configure Collectd and Fluentd on the Red Hat Virtualization Manager and hosts. It also stores remote metrics parameters. A password disclosure issue was addressed.
927e8c045ab29cef9cbedcf6b115a53c867d9897d78f654253a6c9062e01534fThis Metasploit module exploits a command injection vulnerability in the Tesla Agent botnet panel.
876b39d059c2458870a9edb00f5e9ea2bde939c9e1996b04940938a90e33aa73Gentoo Linux Security Advisory 201908-6 - Multiple vulnerabilities have been found in glibc, the worst of which could result in a Denial of Service condition. Versions less than 2.28-r4 are affected.
d57c71da1983c5339fb8ee927bb16a395645d5b48f7d4e5bfc264df20d515872Red Hat Security Advisory 2019-2504-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An access issue was addressed.
af4e941d45cfeb39da3e7e5abc6d60a4e232332fcc05287781031844719c678cRed Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
301774e4eb7fa31f05e30ee1408ff71a60bbb9a6a99b4c002a505cd5c28cc4b0Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
afa744f86702652e505450d7a9ebe737e7e5cc662c030d48145a4b72acddf732Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
c1cd40227aabac3ba9908c6673026b5520dd37e641ca9086090d9867e7df5db0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed