MSI Ambient Link Driver version 1.0.0.8 suffers from a local privilege escalation vulnerability.
d3812dcad998d0f840196864aac543b840cbaf34007890de731a2ca9e42a75b2
Debian Linux Security Advisory 4758-1 - Several vulnerabilities have been discovered in the X.Org X server. Missing input sanitising in X server extensions may result in local privilege escalation if the X server is configured to run with root privileges. In addition an ASLR bypass was fixed.
f766d86a2ab873536eefe0870f0c90e55ca00d335094de674bfbccbfff6552d7
Debian Linux Security Advisory 4759-1 - Fabian Vogt reported that the Ark archive manager did not sanitise extraction paths, which could result in maliciously crafted archives with symlinks writing outside the extraction directory.
e952c13ded54efaf8d191ee6b8dbf6989ef4ccc147b6b43789a9e7bfcf70434d
Debian Linux Security Advisory 4760-1 - Multiple security issues were discovered in QEMU, a fast processor emulator.
9ec9643bb7edebad1c8a64c425392f1a29bfedae27d77a06866086970cb042aa
Debian Linux Security Advisory 4761-1 - It was discovered that ZeroMQ, a lightweight messaging kernel library does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled can take advantage of this flaw to cause a denial of service affecting authenticated and encrypted clients.
0b04a5aaab9ee659966e2bbeb22a5b3b23c2f888e4a32faf559460daca53aaa1
Debian Linux Security Advisory 4762-1 - It was discovered that the default configuration files for running the Lemonldap::NG Web SSO system on the Nginx web server were susceptible to authorisation bypass of URL access rules. The Debian packages do not use Nginx by default.
1936fc20f1fce8c046e9a32b0cf72f8389efc42588b36d32567422da6ead95de
Debian Linux Security Advisory 4763-1 - It was discovered that insufficient sanitising of received network packets in the game server of Teeworlds, an online multi-player platform 2D shooter, could result in denial of service.
95fb2ad2601783836a3229eb10174e50ad7ea6799ce16534afb9523ff5a7bf41
Debian Linux Security Advisory 4764-1 - Two security issues were discovered in the pgsql and mysql modules of the InspIRCd IRC daemon, which could result in denial of service.
561ab7f18ae1176cc637ced0c4ea9aa5d1f0a0587d8bdb0b528160951dbe5e8c
Debian Linux Security Advisory 4765-1 - Ervin Hegedues discovered that ModSecurity v3 enabled global regular expression matching which could result in denial of service. For additional information please refer to https://coreruleset.org/20200914/cve-2020-15598/
be3b055743eb57fe9c8abc5054dbd71e1eb1dafc84281ecf5a897604f777f6a0
Debian Linux Security Advisory 4766-1 - Multiple security issues were discovered in the Rails web framework which could result in cross-site scripting, information leaks, code execution, cross-site request forgery or bypass of upload limits.
b1a73047f2774964fa668a2801d5455ae63d0a6ddd6e35a8004ce02881f79bf8
Debian Linux Security Advisory 4767-1 - Multiple security issues were discovered in MediaWiki, a website engine existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting against brute force attempts.
c8613614ee7c9f1ac6af0506b3a755746764aa0c99cca5c2deba55fe743bab14
Debian Linux Security Advisory 4768-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting or spoofing the origin of a download.
37cc9917e4afee8359971d48c6af08486b830ce4c6dd2d0ba941a21bcc7b417a
This Metasploit module exploit uses access to the UniversalOrchestrator ScheduleWork API call which does not verify the caller's token before scheduling a job to be run as SYSTEM. You cannot schedule something in a given time, so the payload will execute as system sometime in the next 24 hours.
3a60a69dcbeb7de997adcc7d739647b41b00df07ef99e3f346dd78c5b1f47616
This Metasploit module exploits an arbitrary file upload vulnerability in MaraCMS versions 7.5 and below in order to execute arbitrary commands. The module first attempts to authenticate to MaraCMS. It then tries to upload a malicious PHP file to the web root via an HTTP POST request to codebase/handler.php. If the php target is selected, the payload is embedded in the uploaded file and the module attempts to execute the payload via an HTTP GET request to this file. For the linux and windows targets, the module uploads a simple PHP web shell. Subsequently, it leverages the CmdStager mixin to deliver the final payload via a series of HTTP GET requests to the PHP web shell. Valid credentials for a MaraCMS admin or manager account are required. This module has been successfully tested against MaraCMS 7.5 running on Windows Server 2012 (XAMPP server).
46bcd0fb88548beb443fdf27155d8d4343ca495c9eb2a3289d06a46da4ac2b7b
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24
WordPress WP Courses plugin versions 2.0.29 and below suffer from an issue that allows an unauthenticated attacker the ability to ex-filtrate all the content of courses through the WordPress REST API.
1dc9c867a49c8ff76a931ea288460a80bbe8cba8bbb23f594818102315099698
Ubuntu Security Notice 3968-3 - USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. Various other issues were also addressed.
14da33a6eaef6b2042cd49cc65c94eebda48565149642e19c3331f83b8a0d758
Ubuntu Security Notice 4546-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, spoof the site displayed in the download dialog, or execute arbitrary code.
e4244c4199758b7d37cc58884701f60fd3731f73bab8abf0e794d77cc4f34e4b
Ubuntu Security Notice 4545-1 - It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause libquicktime to crash, resulting in a denial of service. Various other issues were also addressed.
42b234cfc3ce5da503af837eb2242da2e52ebe842d6f859d2f3b28e1eabf5040
Ubuntu Security Notice 4541-1 - Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the df_generate_ascii_array_entry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitrary code execution. Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the PS_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. Various other issues were also addressed.
4899b4998d8b6562ca856bc69ea8c153af0da3e8f57eaaaccfe87ed18a8c695a
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.
0f6ee8223f3fa6b763e84bf035661dfd5ffe0b7d250ab0fd42cb9c50511e42a7
Ubuntu Security Notice 4543-1 - MichaĆ Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting attacks.
f1ead2388e6d83f5478a5993f2cf6dac7612668cdf51da8b4a35267b82aa59e9
Ubuntu Security Notice 4542-1 - It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. Various other issues were also addressed.
5f401d4817df46c6520b1c3e03a9adef27a1742a79f51c3dd5ffd8c3f11a254d
Apple Security Advisory 2020-09-24-1 - macOS Catalina 10.15.6 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave are now available and address code execution and out of bounds read vulnerabilities.
fdd9824f75556374ab03a8e92e45d92345d8f1e8063a9d0891a596d681071503
Ubuntu Security Notice 4540-1 - Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. Various other issues were also addressed.
795f3cef45822be0c6f85455334f008d9e5c155d64359a0af3f53e85769f76e2