Debian Linux Security Advisory 4771-1 - Frediano Ziglio discovered multiple buffer overflow vulnerabilities in the QUIC image decoding process of spice, a SPICE protocol client and server library, which could result in denial of service, or possibly, execution of arbitrary code.
a1576ec4b008cf6fd0f7ce8adbf72f46bc2bf85daef60056fcf552fc79297aad
Debian Linux Security Advisory 4772-1 - Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret a malformed authority component in a request URI and pick the wrong target host for request execution.
46abf040691fa579ed519644fab0546957e697a36931ae920f60979c9e201d25
Debian Linux Security Advisory 4773-1 - Two vulnerabilities were discovered in yaws, a high performance HTTP 1.1 webserver written in Erlang.
0c213b73840806d1cb1fe8a49cac06cb5bd45039df5ae7cc8dc5abd7613a84db
Debian Linux Security Advisory 4774-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
4a7683621e889be8263c0eed0407c142799b83815cf38d1f521331435715266a
Debian Linux Security Advisory 4775-1 - A directory traversal vulnerability was discovered in python-flask-cors, a Flask extension for handling Cross Origin Resource Sharing (CORS), allowing access to private resources.
8e9c6fbda033db3313524eb8cc59da0f6e3aee7a7fd3aa124e5c31e37da92aad
Debian Linux Security Advisory 4776-1 - A security issue was discovered in the MariaDB database server.
c303d654bd40db8682aafd9f26d8cb2740bc2beaf7a376153c1113750c70c6da
Debian Linux Security Advisory 4777-1 - Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code.
e07057c51dcb871a6de63e1ea7233729299127657cde7e3493253a5087c34ab0
Debian Linux Security Advisory 4778-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
a5d7327d6d27bef49e8e68e45434a16a7f13da01e9dca1109bb9bc3e69c1ddf0
Debian Linux Security Advisory 4779-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which could result in denial of service, information disclosure, bypass of access/sandbox restrictions or the acceptance of untrusted certificates.
731b49476c241c261998bff0a7538272dbdfcf0f2dbdba514432e1387a43d49e
Debian Linux Security Advisory 4780-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
8b4dadbc6a9dc932f30a3bd1a5683af2fbebb6fa9088460960326437e1f0cdc4
Debian Linux Security Advisory 4781-1 - Vaisha Bernard discovered that Blueman, a graphical Bluetooth manager, performed insufficient validation on a D-Bus interface, which could result in denial of service or privilege escalation.
fca192b68db8419079766f9d06d616f92440e97aeb33c47eec3d8b3cef6d270c
Debian Linux Security Advisory 4782-1 - A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.
00759ecb63f3235a7fa183d3722a7f9bd6247c549576c7fdca5738a9f409855a
FreeType suffers from a heap buffer overflow vulnerability due to integer truncation in Load_SBit_Png.
3e74cc76bab0b12102b081d5d5527d7a09ac96232ae08096c3cc4702512988b9
Red Hat Security Advisory 2020-4384-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
467d98d3dc3e453dab213eac2a788f9c54641adf327662b50e225048b78e03a6
Red Hat Security Advisory 2020-4383-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
e3fa177914caddbd671a91d6b248da680b85881080ad1c62d8b0d466e506ead0
Red Hat Security Advisory 2020-4283-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
7a511b396227e7c79c224ab43bb0fc1fd0e7cc0f2eb2ea0a8159a187a4a9ad86
Red Hat Security Advisory 2020-4381-01 - The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux.
06319d6e786fcdfe626e9df9c43b5eea6831a23ba224550b10bfbb51d9e1501a
Ubuntu Security Notice 4608-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle.
9b4019ce3ed6eb8dde275c3fce9d925a189d33c1ad19b15beb797f1ebf82276b
Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5
God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.
0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8c
Gentoo Linux Security Advisory 202010-8 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 82.0 are affected.
d6f8ee617bc93a30faf7d5fad1b396758ce22538d413ac0e4661c2bb01acfc59
CSE Bookstore version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
22ade0807de506d719e10260a6706f161c23e19eabb44126ae5efb25be5761a3
Ubuntu Security Notice 4607-1 - It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service via a specially crafted input. Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. Various other issues were also addressed.
511d4e10ce236dd52aeb3cf636a58fa4bc77beae290a7b505ccd45dceb05dedb
Nagios XI version 5.7.3 mibs.php remote command injection exploit.
6855f4caf30f9e7751d6594a73e43b55ca31b7b9ddebeacdfa7108721c29da09
Ubuntu Security Notice 4603-1 - It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to send a specially crafted file to cause a denial of service. It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
0294356c27b1e6c2fe77a483a9758f2ed654d98df7f671f25e882fac606f9530