Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.
180aa53cbca05482454904febdf9c008320039952a59725600229f347d9d9357Mida eFramework version 2.9.0 suffers from a remote code execution vulnerability.
1d91860562323de0b96d48e3fab2bd5c3cff83336de0debd04431d028e64421aASX to MP3 Converter version 3.1.3.7.2010.11.05 .wax local buffer overflow proof of concept exploit with DEP and ASLR bypass.
7f84c77ff7d0602ebf55956621de4d05257783b831769bc70810340d9c65606bGnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
7c1370565e1910b9d8c4e0fb57b9de34aa062ec7bb91abad5803d791f38d855bUbuntu Security Notice 4475-1 - It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or expose sensitive information.
2ba66b15a770c05e43d566a989f725061971e35aa3b6b84c1c86873791eeb251Ubuntu Security Notice 4446-2 - USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. Jeriko One discovered that Squid incorrectly handled URL decoding. A remote attacker could possibly use this issue to bypass certain rule checks. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled input validation. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.
be7270eca51d9106f34f71c4e2558648d8f85a5fc7f6800b486c696796ffa772Gentoo Linux Security Advisory 202008-16 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.12.0 are affected.
c474d40ff712accf1513fe181cb940306656297f6cb3abadea7fc678d95faed8Gentoo Linux Security Advisory 202008-15 - A flaw in Docker allowed possible information leakage. Versions less than 19.03.12 are affected.
e644d995ae441f4c24164f26fe3d2966d0636123a2802291141857a55dfe8a2eRed Hat Security Advisory 2020-3541-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. The Matrix Project is a module which handles creating Jenkins multi-configuration projects. Matrix Authorization allows configuring the lowest level permissions, such as starting new builds, configuring items, or deleting them, individually. Python-RSA is a RSA implementation in Python. It can be used as a Python library as well as the commandline utility. Ansible is a SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.
42d044757ced55aee7edf9844bfad23fe95bf3c3141361f974b7050950a43c55Gentoo Linux Security Advisory 202008-14 - A vulnerability in Wireshark could lead to a Denial of Service condition. Versions less than 3.2.6 are affected.
1e745d3f44450ee5f3ff173318a642583a2f861a43f9f1ec7f4117a0f3560687Gentoo Linux Security Advisory 202008-13 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in privilege escalation. Versions less than 9.5.23:9.5 are affected.
b9ffeb065fa475ec938af85e828054d7d90b5d9a9259663a3d565b3d3bc786a1Gentoo Linux Security Advisory 202008-12 - Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation. Versions less than 5.8.1_pre1 are affected.
47b590361046f370f06a09b89dcc673424b68229c00713f89dedeb4d3d77f993Gentoo Linux Security Advisory 202008-11 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.83 are affected.
945bfec750bf63585fac49eee7a83a14fbd13374349c8480dfe005be75d41814I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
dbccada6a353b54ceb844fe8cb0912c0363375a2f57214d23fcf463c4e6d2c4fDebian Linux Security Advisory 4751-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache, which could result in request splitting, request smuggling (leading to cache poisoning) and denial of service when processing crafted cache digest responses messages.
3753426127834c4951d974e752f420e15ee85396cc43dfb685e0906f69a54744Ubuntu Security Notice 4474-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
9c3f9b8a995f19fc2e46e69b42485c8da02e85dd0a8cc8530e25b865bb07d168Ubuntu Security Notice 4473-1 - It was discovered that libmysofa incorrectly handled certain input files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
ce698e2a37b8520212864efc5a6c58f264ab386ed74bc12d3f6486c7684eb0adWhitepaper called Abusing COM and DCOM Objects.
5fd1de5a2df55fca764f1fb18fe5f7e5b49b94117032c4e071b37fcbeb66bcd5Red Hat Security Advisory 2020-3560-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.135. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
da139feef4f6e95fbdfa2ad6cad01dfe0bfbe31d154fa6a8ea26994a9d1ac46cRed Hat Security Advisory 2020-3559-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
7071bc5b65af88f2dcaea66b935e44589512652aac084c241d26a230f004bbd0Red Hat Security Advisory 2020-3557-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
096e81539698f467e362800feb0355c97bf31cc374d51d6421b76c56799db7a4Red Hat Security Advisory 2020-3556-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.
dc55d785b97e069e628bf651de02b4593f1670fab9d2f1bb7abda6d19aef1159Red Hat Security Advisory 2020-3555-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
835141410b406ab871de2e407f475d6a360644a79d5dbfb5083396c9a1c6e38cRed Hat Security Advisory 2020-3558-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.
94d0e564eea25db831511ebef9cc80bfe0017410d73632361a9dd0d9194d21b6Debian Linux Security Advisory 4749-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or unintended or malicious extensions being installed.
02e7edd19ea0fa39eb7a145101322fc43f50ad43594ff1acead7887cf2f28707
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed