Debian Linux Security Advisory 4691-1 - Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and insufficient validation of NXDOMAIN responses lacking an SOA.
aada610ec729b715bd4deefefe72312c4e3df29f8f251339c4ba2be8d8cc2bd3Debian Linux Security Advisory 4692-1 - Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail (shipped in Debian as netqmail with additional patches) which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not.
71843b017c5f98386f0eee906018b39853e36b3e3a3c0d30450769937bd7c1cdDebian Linux Security Advisory 4693-1 - Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.
357e410d6d2403dbc035d10bf229ad70fd4d22acedb37509054f636187976747Debian Linux Security Advisory 4694-1 - Two vulnerabiliites have been discovered in Unbound, a recursive-only caching DNS server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and insufficient sanitisation of replies from upstream servers could result in denial of service via an infinite loop.
b046a72fee0ad425126c623785cc6b1b0c768b446a15efc25f18f621ebd40c16This Metasploit module exploits a command execution in Pi-Hole versions 4.3.2 and below. A new DHCP static lease is added with a MAC address which includes a remote code execution issue.
359e5af00d21f40799f66c4def97b9142ec248ec7b78fc2f54d6c7286881fa62The Firefox content processes do not sufficiently lockdown access control which can result in a sandbox escape.
5ab57ea898f6984a1d902219e6b5dad81c2a3fda15ddd5b7b3e8b94690951fdaRed Hat Security Advisory 2020-2333-01 - Red Hat JBoss Enterprise Application Platform CD19 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD19 includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, and out of bounds read vulnerabilities.
60c6cfb83e5036b1ce51c4410ffab8547065d86cf420e7222face7dc4b27fe8fUbuntu Security Notice 4360-4 - USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762. It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
2807edeea9a8f95f742e907a1f8ca749a089935a9eb6c21362d40e5c85bc3305QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability.
604298053dafd0abe28f387617874da35d43eb2b5d986c0ce5674a7007367477Ubuntu Security Notice 4376-1 - It was discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. Matt Caswell discovered that OpenSSL incorrectly handled the random number generator. This may result in applications that use the fork system call sharing the same RNG state between the parent and the child, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10.
e20de866e28c83e8f20de501782e4da4bf3f8fcaa6fcfbdc5b5e842700cd1f27Online-Exam-System 2015 suffers from a remote SQL injection vulnerability.
30a65160caaf9089ecbac10698104fa0f25786673eeeb5312507f56693b83bcbRed Hat Security Advisory 2020-2332-01 - After May 31, 2020, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.8 or older on Red Hat Enterprise Linux 6.
5c6db7d4d3d17190c557ee16ca94ac656f852906dd2b79d6e8ecedf2d3410975EyouCMS version 1.4.6 suffers from a persistent cross site scripting vulnerability.
c1633e096fd7ffb684c4d315be68aa3c97f84fe185e74fb5e0c5a8b58ee5307bRed Hat Security Advisory 2020-2331-01 - After May 31, 2020, as per the life-cycle support policy for Red Hat Satellite Proxy, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.8 or older on Red Hat Enterprise Linux 6.
5d563339321f6d0c23b618ace6b155df4a7098007257d8904f8448cfd191a903NOKIA VitalSuite SPM 2020 suffers from a remote SQL injection vulnerability.
4b2f2f524685c71ebbea6918e30aab44516bbaa3ba7628233adfab36ee03593bRed Hat Security Advisory 2020-2217-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a cross site scripting vulnerability.
f060939a4e918f3e240f705b0763ea1f2ed460ca531a85a918998f346e69e167Red Hat Security Advisory 2020-2218-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
d3cd08085d9f13babd01883d627480cb86191e739c83549eac8e55139ee25f74
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed