ModSecurity version 3.0.x suffers from a denial of service vulnerability due to its handling of regular expression matching, specifically the global matching of regular expressions. The combination of a non-anchored regular expression and the ModSecurity capture action can be exploited via a specially crafted payload.
df79f2392e827d107f0ec05ae4fe67b4b9956f6a18d720baf532bbded9256ab4
Ubuntu Security Notice 4500-1 - It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.
ad79f2339f758eb6de120943827cf5912e41e6e5269955e5c50c38008853d145
Ubuntu Security Notice 4498-1 - It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks.
88d4e83dbb53e89c4500d9d0e93cd5f4caff49dfd2b7395e75e7ae1611a739c6
Ubuntu Security Notice 4499-1 - It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.
ce73b6a694072285fb74e4e0fb23e56ada9f32aac639e5e89ba32c1ada7fcc25
Ubuntu Security Notice 4497-1 - It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. Various other issues were also addressed.
74e3c9ec57d378bfed6df67fdfda72eebec0620c3bf0135a0ad613d960d815e5
Red Hat Security Advisory 2020-3757-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.
38d88d4582fd8e4b4af72cbfff99013cc4f4e4f40fa1d110cb89951a4a135182
Ubuntu Security Notice 4496-1 - It was discovered that Apache XML-RPC does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code.
0d11bb361d9214af8b8e07592fe8af5981b3411a2ea5248352424c6214828223
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
a45ca00afe765e3baa839767c9dd6ac9a46dd01720a3a8ff4d86558c12359926
ThinkAdmin version 6 suffers from an arbitrary file read vulnerability.
fe42cf04f2cdc9bb862216f8963016b2fe0628e81ef14d9bc2127976f892f768
Tailor MS version 1.0 suffers from a cross site scripting vulnerability.
e5d3f596826a09594cd3da84dcda261dea5ea9721eb1dcd54f95e306795f8d75
Red Hat Security Advisory 2020-3756-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.
a0672f9c6434ac91b420476fae2e94c3bde749deb7e9eccd76c148d2fa5e4b8a
Red Hat Security Advisory 2020-3755-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.
8088018e49ab602ff0af5b3d632c13312fe2641a979d34c831b2c4024601772b
Ubuntu Security Notice 4495-1 - It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code.
d53f82097b8b22273ce0af7583c015d35c35509bef10c5df372286782ec1f909
Ubuntu Security Notice 4494-1 - It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.
d3875434bb5b4c21a1998c33ca3377de59ad32d63e34614ddb94c1795d6e9839
Red Hat Security Advisory 2020-3749-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.
f2a8493e6bfb74fbfb4e576afd201300cc783d8e0cc85a1e307d449e5d20c98d