Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.
13242e827b1f0a3ff93c57d1a71e5f493fc85117660e0d5e79eebecfaf18ab70
Gentoo Linux Security Advisory 201908-13 - Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in the arbitrary execution of code. Versions less than 6.2.5.2 are affected.
8f091f7544a0f105ddae541f4832675af1ebbd257efb5837882ad961754f78ad
Gentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.
9c1b71d78a94d040a45e2a38d652fada76b7a84a057a50826157ff452c810ac7
Gentoo Linux Security Advisory 201908-11 - Multiple vulnerabilities have been found in libarchive, the worst of which could result in the arbitrary execution of code. Versions less than 3.3.3 are affected.
e0bd3ea7b7edcdb24d043dbac468778fc34e4737ee64922412ca5c16acd4087f
Red Hat Security Advisory 2019-2505-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.
4834e9f0cab4a596b4f82c32a8052d425f6d9f6012fe0735cc713d5a7c11fb05
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
544427667509a091f6d7efe745438ad65a9a17d6c0bfcf266fd3e755022d8081
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.
f46d17c954f6e94d032c69f8511236395dead5379f423b21f856132b36934f44
Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.
e29f02948fd332ebe7380f90073aaba9ef4f2e354110987119fdb6b3fe07c0e4
Gentoo Linux Security Advisory 201908-10 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202:1.8 are affected.
92eaf04612298402d520565d158aa4cdf0610a9748c3117d082bf3e1de650ebc
Red Hat Security Advisory 2019-2503-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site request forgery vulnerability.
f012531b1f32448bfdd5aa2590a61478d680886552a677c76a300f1e28deabbb
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.
9840199e16c8736422d5492c789d03b84c0e50af20ddc637d17924f826b4c265
The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
b7462443e93a2f335edb0fa0cb618f1ca09b68a645524a4da907045e4cbecac9
Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.
ee99bdb3d2d2a70010bf2a086b44062bad866bcffaebcb151253aa34f15fa2e0
Adobe Acrobat CoolType (AFDKO) suffers from a memory corruption vulnerability in the handling of Type 1 font load/store operators.
fffe2236225f9e4d3de8ed6ad23bf638c3e2c3dd9c3515264d5d9e52c22749ea
The Call For Papers has been announced for REVULN 19Q4, an international cyber-security conference taking place December 11th and 12th, 2019 in Hong Kong at the Best Western Plus Hotel Hong Kong.
58756d13e8c5f3bb7fac9a0a86dbf56e940f233ba2c696c8f74c182205d4831f
Gentoo Linux Security Advisory 201908-9 - Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Versions less than 3.28.0 are affected.
6e8bafc85badfcbe11ee46868cd222db448d85b186e1ed5b588e49fb24867767
Gentoo Linux Security Advisory 201908-8 - Multiple vulnerabilities have been found in CUPS, the worst of which could result in the arbitrary execution of code. Versions less than 2.2.8 are affected.
55f806f8d175858ec36ed5739e331f1d79b4fb0e3d73c0b0a52423f13c2a5e81
Gentoo Linux Security Advisory 201908-7 - A vulnerability has been found in KDE KConfig that could allow a remote attacker to execute arbitrary code. Versions less than 5.60.0-r1 are affected.
756b1d5aebf9181f115da61fc0570235d2b4b76cbc6323f489ba8caf46b8d6c0
Red Hat Security Advisory 2019-2499-01 - The ovirt-engine-metrics package is used to collect and enrich metrics and logs from the Red Hat Virtualization Manager, hosts, and virtual machines. It includes Ansible scripts that configure Collectd and Fluentd on the Red Hat Virtualization Manager and hosts. It also stores remote metrics parameters. A password disclosure issue was addressed.
927e8c045ab29cef9cbedcf6b115a53c867d9897d78f654253a6c9062e01534f
This Metasploit module exploits a command injection vulnerability in the Tesla Agent botnet panel.
876b39d059c2458870a9edb00f5e9ea2bde939c9e1996b04940938a90e33aa73
Gentoo Linux Security Advisory 201908-6 - Multiple vulnerabilities have been found in glibc, the worst of which could result in a Denial of Service condition. Versions less than 2.28-r4 are affected.
d57c71da1983c5339fb8ee927bb16a395645d5b48f7d4e5bfc264df20d515872
Red Hat Security Advisory 2019-2504-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An access issue was addressed.
af4e941d45cfeb39da3e7e5abc6d60a4e232332fcc05287781031844719c678c
Red Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
301774e4eb7fa31f05e30ee1408ff71a60bbb9a6a99b4c002a505cd5c28cc4b0
Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
afa744f86702652e505450d7a9ebe737e7e5cc662c030d48145a4b72acddf732
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
c1cd40227aabac3ba9908c6673026b5520dd37e641ca9086090d9867e7df5db0