Red Hat Security Advisory 2020-3185-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.
c896bd59bdde502f8d570afb3efca94807b93f659893d8ddabdb2d0317d36ef7Red Hat Security Advisory 2020-3078-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
72ed8cda583488ce2438f8e63e38e754f0d83144db73575e15efe52e86674f19Red Hat Security Advisory 2020-3176-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Issues addressed include an XML injection vulnerability.
b827363519d66d02a2b3fbcce4106340c01529a57767fb1bfeaabe45f382602dRed Hat Security Advisory 2020-3167-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
52d116c4473e321492aec7ee641e4724f3ac68dae2779f9227dc2b08d812e827Ubuntu Security Notice 4440-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
93050dd9768e16bf8e7459dcfcb358a4a7847e519f51bfbd8b25246f475d27e4Ubuntu Security Notice 4439-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
789e8f002f0de81a8d353f1ea8d5a4ecb5aa606f09d0d78851c94acd0cbcd044Red Hat Security Advisory 2020-2992-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include memory exhaustion and use-after-free vulnerabilities.
0f1b92f26088f8a28c8cf20ea0fc641bd642de6101793bbb755e413ca89ebc73Ubuntu Security Notice 4435-2 - USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
4afe934b8629dfa16ec6c07cb7c59e43a30a773854c88c66c6f5b7e4c1346effUbuntu Security Notice 4436-1 - It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A remote attacker could possibly use this issue to cause librsvg to consume resources and crash, resulting in a denial of service. Various other issues were also addressed.
546c2237e39dfb6498ac801171c26c1667b637632dbb34c77266efe298f6a487Ubuntu Security Notice 4435-1 - It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary files. It was discovered that ClamAV incorrectly handled parsing EGG archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
bdd994238e41940137543be49827bbffa97900a52196a21d57ae900f18beede5Ubuntu Security Notice 4438-1 - It was discovered that SQLite incorrectly handled query-flattener optimization. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code.
e014c20b4393a493dd62950f5d0bdb7e2aba410404b4714d8a1ee1dea78bf2edUbuntu Security Notice 4437-1 - Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service.
542dc28988393ded6d10f8f0c0f25a7f0eebae318a0befb7410ce775b4be7c14Socket.io-file versions 2.0.31 and below suffer from an arbitrary file upload vulnerability.
711ef348c9b7a811fcc015a0073c09cabd304fdb53657ca775b0e1598313780eRed Hat Security Advisory 2020-3017-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.1.15 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.
9dbd3f39e29175e22d81e2fc4cdba8714c308655dbe6e47e25670d5c382db2feGentoo Linux Security Advisory 202007-51 - A vulnerability was found in FileZilla which might allow privilege escalation. Versions less than 3.47.2.1 are affected.
79de74b94aeb01c7212a47c4205dc84efda6af1590e378639a52e1c4294f3db4Gentoo Linux Security Advisory 202007-50 - GLib Networking was not properly verifying TLS certificates in all circumstances, possibly allowing an integrity/confidentiality compromise. Versions prior to 2.62.4 are affected.
ba99130821e0f95c6b9bb2ce05be61694f6e2de70947491adafc82c56fabaa54Gentoo Linux Security Advisory 202007-49 - NSS has an information disclosure vulnerability when handling DSA keys. Versions less than 3.52.1 are affected.
cd1e140dd4780b1f36cf34cfb5c7d085af67fc3aa3bc50a66b24ae1f364873c9Gentoo Linux Security Advisory 202007-48 - An integer overflow was discovered in OCaml's standard library, possibly allowing arbitrary execution of code. Versions less than 4.09.0 are affected.
77b06cccab789bede20e436ebff3b7bd66f314e6dacae29b6d26e9062b0e805dpfSense version 2.4.4-p3 suffers from a cross site request forgery vulnerability.
fc6d23f0b394e0b5d17c407613ef674c7136745576f242d1f0be3d36a0d6a9ebGentoo Linux Security Advisory 202007-47 - A logic error in Okular might allow an attacker to execute arbitrary code. Versions less than 19.12.3-r1 are affected.
7940686604f931a597d261ac94e8fc3413de1567d752755bdfd6481061a1d9e4Gentoo Linux Security Advisory 202007-46 - A local Denial of Service vulnerability was discovered in D-Bus. Versions less than 1.12.18 are affected.
daf600f806489c8d10cac31ed099acbe6eb95975c3b0511575e2eec8930ae2fbGentoo Linux Security Advisory 202007-45 - A buffer overflow in NTFS-3g might allow local or remote attacker(s) to execute arbitrary code, or escalate privileges. Versions less than 2017.3.23-r3 are affected.
3cf9f4b402f52475b4c92be5d5021cc40cfba2e20fb50ba57d8de7131a780703Virtual Airlines Manager version 2.6.2 suffers from a persistent cross site scripting vulnerability.
9f872ad5a6c09d808452faea6191e3f7b16e14d2e4b1d00aa1a017f89ec9b3e2Gentoo Linux Security Advisory 202007-44 - Multiple vulnerabilities have been found in FreeXL, the worst of which could result in a Denial of Service condition. Versions less than 1.0.5 are affected.
ea7a9570166beb5189ac818e6de7530b94b396bcae4c730616a94b263d46b958Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
80c4989ffce802aa3b3b23e9d9a9820eb3d1ece1830504edfb6935c01cde3058
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed