Red Hat Security Advisory 2020-3209-01 - The release of Red Hat AMQ Online 1.5.2 serves as a replacement for AMQ Online 1.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include XML injection and cross site request forgery vulnerabilities.
d53f4c95584a5321010758f4597001f52e3b2733be2f86f69434037c5d8129a3
Ubuntu Security Notice 4436-2 - USN-4436-1 fixed a vulnerability in librsvg. The upstream fix caused a regression when parsing certain SVG files. This update backs out the fix pending further investigation. It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A remote attacker could possibly use this issue to cause librsvg to consume resources and crash, resulting in a denial of service. Various other issues were also addressed.
4706de17b14bc5c39477720e86b7c7f7d6843ae2ead3aeb893972344ded4d0ec
Red Hat Security Advisory 2020-3199-01 - openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.
9657342eab465054b6b17cf7bc53524f98de4a79f96d0a9c209af12cdfc20dad
Red Hat Security Advisory 2020-3197-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.8.0 serves as an update to Red Hat Process Automation Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.
a15ccfa9329679e05a6ecaa4123f1c5d3a9080732413f5c3b568c78c83c33b9b
Red Hat Security Advisory 2020-3196-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.8.0 serves as an update to Red Hat Decision Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.
19707209eebd7d23d58d5eac714f5aec7fe71e79b5a8b0ea417379cd8fe36ad3
WordPress Maintenance Mode by SeedProd plugin version 5.1.1 suffers from a persistent cross site scripting vulnerability.
ff87ceae26dd08e823ae8410b57da1b1ea9f383506b8de5ebf0a1cd8ff0346f7
Cisco Adaptive Security Appliance Software version 9.7 unauthenticated arbitrary file deletion exploit.
9bff9df7bc31ade0ee6b87d153b448191f71eeb26ef4d1d4589e805582f16722
Adaptive Security Appliance Software version 9.11 local file inclusion exploit.
247cefda8529660c011d201a2b76720f081ad633e4d40f0c6ed55ebcb57f6f36
Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if they are unpatched, exploit them.
442cbc8390ec9dfeceb6a5b1e9f78d7801b36882249fe7cd60402c2b94513e25
This Python script checks whether the target server is vulnerable to CVE-2020-3452, a vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products that can allow for remote file disclosure.
f3d076dbbf728c5d5918c4039d0eaa629b5d9f90b1358b60f76542b5b020352c
Ubuntu Security Notice 4442-1 - Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain sensitive information. It was discovered that Sympa incorrectly handled URL parameters. An attacker could possibly use this issue to perform XSS attacks. Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this issue with a setuid binary and gain root privileges. Various other issues were also addressed.
7020185eae4c1a4feb195064dd4e42bd3d4a8eca72224fca58383c0be086b058
Gentoo Linux Security Advisory 202007-58 - Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.4 are affected.
a0723a5d1529f2b0d9076819365b557df53374ec1ab172ac9fb948d6c1858ee3
Gentoo Linux Security Advisory 202007-57 - Multiple vulnerabilities have been found in Mutt and Neomutt, the worst of which could result in an access restriction bypass. Versions less than 1.14.4 are affected.
3d7c0477f13c2bad8d71919da6093a0631a38d77353b642ee9a458ca71e71ae3
Gentoo Linux Security Advisory 202007-56 - A vulnerability was discovered in Claws Mail's STARTTLS handling, possibly allowing an integrity/confidentiality compromise. Versions less than 3.17.6 are affected.
0505459ef6e77899cf892e24485e2ffc8d494b05a0dedbda187215071d8d49e8
Gentoo Linux Security Advisory 202007-55 - A vulnerability was discovered in libetpan's STARTTLS handling, possibly allowing an integrity/confidentiality compromise. Versions less than 1.9.4-r1 are affected.
1d6d3a08fe146e5839a4012167d4cb967786952ff48d7e9cdf5461ec0e750dea
Gentoo Linux Security Advisory 202007-54 - Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. Versions less than 3.2.0 are affected.
3daf0b4d15f5fc6f45399e1042eb08c1688bc61679dd3978e85e8de4d324e4e5
Gentoo Linux Security Advisory 202007-53 - Multiple vulnerabilities have been found in Dropbear, the worst of which could result in a Denial of Service condition. Versions less than 2020.80 are affected.
bf9fd48b18e37dee9a2fbb168f4879020b4729bf4ab4e4dbef27abcb75ed8138
Gentoo Linux Security Advisory 202007-52 - Multiple vulnerabilities have been found in mujs, the worst of which could result in a Denial of Service condition. Versions less than 1.0.6 are affected.
28af703edb82782e5e1b34012ffe3f05f19258eb67f3dd3f39b1e9688d36823f
Red Hat Security Advisory 2020-3194-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a man-in-the-middle vulnerability.
ab12a5414b74ae4ec0875438bd155092413bb637cd1033a63c83f8057805a037
Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.
7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Ubuntu Security Notice 4441-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
e1962900f6f62a60269c8b69b77c03b78cbe969e5e86d80a7e81d2cef98eeb09
Debian Linux Security Advisory 4713-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d093ddf7ea84bd8b0d919e2d72ccc6b5b548b88a83a9cc2efba50120325911d0
Debian Linux Security Advisory 4714-1 - Several vulnerabilities have been discovered in the chromium web browser.
56d7c5669e16bebce80685a27cea4c0a0906ab2f5a6b78ca1bb1f083ffa10c58
Debian Linux Security Advisory 4714-2 - The previous update for chromium released as DSA 4714-1 was mistakenly built without compiler optimizations. This caused high CPU load and frequent crashes. Updated chromium packages are now available that correct this issue.
063cec199eb71062bba60ed42d31b9fd157393bea9290fbd770b637a3603f524
Debian Linux Security Advisory 4714-3 - The previous update for chromium released as DSA 4714-2 contained a flaw in the service worker implementation. This problem causes the browser to crash when a connection error occurs. Updated chromium packages are now available that correct this issue.
f680653d6312a81ba03a72d051f23254450ad6437287c043f0289887ab8e8b5d