Red Hat Security Advisory 2020-1406-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.7.0 ESR. Issues addressed include an out of bounds write vulnerability.
d301bcfb4597eb204609438d8a2d62f5162ce247402fe8ea86e3eab2e7384619
Ubuntu Security Notice 4326-1 - It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary code.
cce5ccd1381ca4371468d48f13ccafdaf17f92a77a25c83dfdfc7b301ed31bc8
Red Hat Security Advisory 2020-1280-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue was resolved where /etc/passwd was given incorrect privileges.
c425eb68e2d6d4c9d194a066e84a1324153eea6e282b7a6aba31a209018cfba8
Red Hat Security Advisory 2020-1404-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.7.0 ESR. Issues addressed include an out of bounds write vulnerability.
5a728c879f9c3b76b0c2e56a06bb108d5061ad73a95946aff16b3870567aa311
Red Hat Security Advisory 2020-1403-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
cb873a7c6fcd27a328056807510562b48a02381d2a284825d8d1bfb28eb2f0e2
Ubuntu Security Notice 4324-1 - Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Shijie Luo discovered that the ext4 file system implementation in the Linux kernel did not properly check for a too-large journal size. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.
3354b82b5136c0f1f9db6f7e2c046652c69628e3bd2119247ececc242c70ea9e
Ubuntu Security Notice 4325-1 - It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service. Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
85eb72e52de82594e56321121c22f08f52800814e6fbad38268b1be081f132fd
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.
02221a056ccb54bfaed855a9ef6741e6737b01e06fc5841d931b5745c69e5e8b
Red Hat Security Advisory 2020-1277-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a memory exhaustion vulnerability.
e78a3f5bd1906258b16f8c88b1ff05f08a6927930880ae41d263adbc06c45948
Amcrest Dahua NVR Camera IP2M-841 denial of service proof of concept exploit.
b6300eb6dc0f7f07a90363c157630dcfcdcbf7b6e70a052d91c4c38aa8ce95ae
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in Symantec Web Gateway version 5.0.2.8.
c5c75f2da8676e6edfc6cc37ea4ac20e90be1d12275b0fce452c5c10d306afe6
Red Hat Security Advisory 2020-1287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an out of bounds write vulnerability.
be3a633bb19d0706ccdf2545521604cb2211df4bfc058b853a01a677628a2b4e
Django version 3.0 suffers from a cross site request forgery token bypass vulnerability.
d0e6f57c3341b5df4f6b446f80e494ae81f6f91f6f38223920681e3b68cecf89
Ubuntu Security Notice 4323-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that extensions could obtain auth codes from OAuth login flows in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to obtain access to the user's account. Various other issues were also addressed.
82ffb73dafade128e5d02a1a6be7bb4cd63c7b63edd4aa2142981b1f0805672e
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14.
55f884e3a3e6704c111f4ff046bd4931087255499a9ead8d4d9832ca49c77691
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote command execution vulnerabilities in NagiosXI version 5.6.11.
c13f3213213baa28e248e4dc73e332bc336b5d187686a95ad2ef8b57a7b36938
This is a whitepaper tutorial that walks through creating a proof of concept exploit for a pre-authentication remote command execution vulnerability in Symantec Web Gateway version 5.0.2.8.
9876efa02a9403b13e3814ee5a4409950bf50bd73e0e3c6f43ee673c60841a3e
This is a whitepaper tutorial that walks through creating a proof of concept exploit for a remote command execution vulnerability in NagiosXI version 5.6.
8cd9a562fc422fbab693c7375a6d77afbff17c5e7e25cd997d8290beae82bbe2