Ubuntu Security Notice 4600-2 - USN-4600-1 fixed multiple vulnerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444 and CVE-2019-20445 for Netty. It was also discovered that Netty allowed unbounded memory allocation. A remote attacker could send a large stream to the Netty server, causing it to crash. Various other issues were also addressed.
2743e423223a69bc2e5a3493c5262e8e506d7718197a2ac2bde20270a2a9ba90
Blueman versions prior to 2.1.4 suffer from a local privilege escalation vulnerability that achieves root.
ad12e1f52e4713a386324b965386aa1a9020999aa33360fe64eedb3b1faaaecf
aptdaemon versions prior to 1.1.1 suffer from a file existence disclosure vulnerability.
6a60467266f33dfd33dccd469d46b9f39048b554f67da424046c527d10d8c317
Ubuntu Security Notice 3081-2 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges.
a5c9a3a9bdb78367603007ec8640aaab2dc3486f9c257dae7a0d8cdaa28cc548
PackageKit versions prior to 1.1.13 suffer from a file existence disclosure vulnerability.
c2cb1ba823e3746c7e8a7376f0d64634a3e8d0f82cd84d7bcaeca3c7d83f764c
Online Library Management System version 1.0 suffers from a remote shell upload vulnerability.
4da20cf09143b14a2750ade91ede9aa9d1031a15696f1cbe0745bd3f38554098
Point of Sales version 1.0 suffers from a remote SQL injection vulnerability.
14479cfedac75e0485e20fa319e6a41519d81d62f71e316b0d6e690a943c2987
Gym Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
d9e14fc468e33947658caab1b00ebb95b4485be3fe34d24dce85dc4e303ca61a
Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
b745d5a85f8d66a52474e9b1ce0d16a0ea6438196f210f2ee896be788ef23c20
EPSON version 1.124 suffers from an unquoted service path vulnerability.
77392f0312134ef5bd8f87e10e2d0438d4e6565420dd9f06a1b571289a14c923
Program Access Controller version 1.2.0.0 suffers from an unquoted service path vulnerability.
38d93b040d0c949a6298844741a4585801f07535c56d5185aedbcfb8a3a8e232
Prey version 1.9.6 suffers from an unquoted service path vulnerability.
43c2f1ddc67961bd69a8be2622988fde5ab1eda49d8f8cdba56ce41485449de1
IP Watcher version 3.0.0.30 suffers from an unquoted service path vulnerability.
155370a316d32e65107407972deb4367efe1bcc061e9387fc377cf727b252ba5
Red Hat Security Advisory 2020-4298-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
b21e4b6db18910bfdf465e20ef86844c5bb5f82b4312bf2f74efe50f227b2c78
Ubuntu Security Notice 4602-2 - USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
86b1279f5ba83fe76fe52f2395906c7367643ef255456da358314e985b840833
Red Hat Security Advisory 2020-4297-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes. The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include information leakage, man-in-the-middle, and traversal vulnerabilities.
ad89efbaecf4af121b6a5f9076507a5e419275c9a6fba2dfaf8b66ce8a783eea
Red Hat Security Advisory 2020-4366-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, memory leak, and traversal vulnerabilities.
c691cbaa83066b8d59e5188ddbfb88ab178e4310136cd824c67d6356f9911b5b
TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privilege vulnerability that allows a simple authenticated user to replace the executable file with a binary of their choice.
de62ec165f906395d0e555a9a219f004844be9346868125ffa1401fbec4bb456
Ubuntu Security Notice 4583-2 - USN-4583-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.10. It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. Various other issues were also addressed.
953c5ec8c6ea5705d5a7d38c3577d64521e45ed0cd76684e510b5a47bc41b518
Ubuntu Security Notice 4605-1 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service.
f4e1c94bc5fad949b633aad9b1d3ff52fc89d9c44561afe0d76705f447f7d736
Ubuntu Security Notice 4604-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
4e8037be519a8287b387659c5c9902fec4823fe26a5ed29943ee1901c90ba591
Red Hat Security Advisory 2020-4348-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
cdd1e530d317b8fb4a3b2e7e8de2ba6052d56551657fd101ecb4c9a945e12520
Red Hat Security Advisory 2020-4350-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
0e27ca91b671e011ab205fb4242f22bfe06b029e8856c37a0a4b5596f7667922
Ubuntu Security Notice 4599-2 - USN-4599-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.
0cb7b1c8febb53988764a40fd3798cde7e434f570858b4ba17b00096c4cf59af
Red Hat Security Advisory 2020-4352-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.
919274ea3f1abe4515aa0d0ca87a4276af971f0ce6de9d80ae446d8052197950