Debian Linux Security Advisory 4771-1 - Frediano Ziglio discovered multiple buffer overflow vulnerabilities in the QUIC image decoding process of spice, a SPICE protocol client and server library, which could result in denial of service, or possibly, execution of arbitrary code.
a1576ec4b008cf6fd0f7ce8adbf72f46bc2bf85daef60056fcf552fc79297aadDebian Linux Security Advisory 4772-1 - Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution.
46abf040691fa579ed519644fab0546957e697a36931ae920f60979c9e201d25Debian Linux Security Advisory 4773-1 - Two vulnerabilities were discovered in yaws, a high performance HTTP 1.1 webserver written in Erlang.
0c213b73840806d1cb1fe8a49cac06cb5bd45039df5ae7cc8dc5abd7613a84dbDebian Linux Security Advisory 4774-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
4a7683621e889be8263c0eed0407c142799b83815cf38d1f521331435715266aDebian Linux Security Advisory 4775-1 - A directory traversal vulnerability was discovered in python-flask-cors, a Flask extension for handling Cross Origin Resource Sharing (CORS), allowing to access private resources.
8e9c6fbda033db3313524eb8cc59da0f6e3aee7a7fd3aa124e5c31e37da92aadDebian Linux Security Advisory 4776-1 - A security issue was discovered in the MariaDB database server.
c303d654bd40db8682aafd9f26d8cb2740bc2beaf7a376153c1113750c70c6daDebian Linux Security Advisory 4777-1 - Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code.
e07057c51dcb871a6de63e1ea7233729299127657cde7e3493253a5087c34ab0Debian Linux Security Advisory 4778-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
a5d7327d6d27bef49e8e68e45434a16a7f13da01e9dca1109bb9bc3e69c1ddf0Debian Linux Security Advisory 4779-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which could result in denial of service, information disclosure, bypass of access/sandbox restrictions or the acceptance of untrusted certificates.
731b49476c241c261998bff0a7538272dbdfcf0f2dbdba514432e1387a43d49eDebian Linux Security Advisory 4780-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
8b4dadbc6a9dc932f30a3bd1a5683af2fbebb6fa9088460960326437e1f0cdc4Debian Linux Security Advisory 4781-1 - Vaisha Bernard discovered that Blueman, a graphical bluetooth manager performed insufficient validation on a D-Bus interface, which could result in denial of service or privilege escalation.
fca192b68db8419079766f9d06d616f92440e97aeb33c47eec3d8b3cef6d270cDebian Linux Security Advisory 4782-1 - A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.
00759ecb63f3235a7fa183d3722a7f9bd6247c549576c7fdca5738a9f409855aFreeType suffers from a heap buffer overflow vulnerability due to integer truncation in Load_SBit_Png.
3e74cc76bab0b12102b081d5d5527d7a09ac96232ae08096c3cc4702512988b9Red Hat Security Advisory 2020-4384-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
467d98d3dc3e453dab213eac2a788f9c54641adf327662b50e225048b78e03a6Red Hat Security Advisory 2020-4383-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.
e3fa177914caddbd671a91d6b248da680b85881080ad1c62d8b0d466e506ead0Red Hat Security Advisory 2020-4283-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
7a511b396227e7c79c224ab43bb0fc1fd0e7cc0f2eb2ea0a8159a187a4a9ad86Red Hat Security Advisory 2020-4381-01 - The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux.
06319d6e786fcdfe626e9df9c43b5eea6831a23ba224550b10bfbb51d9e1501aUbuntu Security Notice 4608-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle.
9b4019ce3ed6eb8dde275c3fce9d925a189d33c1ad19b15beb797f1ebf82276bOracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.
0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8cGentoo Linux Security Advisory 202010-8 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 82.0 are affected.
d6f8ee617bc93a30faf7d5fad1b396758ce22538d413ac0e4661c2bb01acfc59CSE Bookstore version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
22ade0807de506d719e10260a6706f161c23e19eabb44126ae5efb25be5761a3Ubuntu Security Notice 4607-1 - It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service via a specially crafted input. Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. Various other issues were also addressed.
511d4e10ce236dd52aeb3cf636a58fa4bc77beae290a7b505ccd45dceb05dedbNagios XI version 5.7.3 mibs.php remote command injection exploit.
6855f4caf30f9e7751d6594a73e43b55ca31b7b9ddebeacdfa7108721c29da09Ubuntu Security Notice 4603-1 - It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
0294356c27b1e6c2fe77a483a9758f2ed654d98df7f671f25e882fac606f9530
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed