Ubuntu Security Notice 4622-2 - USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
4b076f92917b55b8e6b13785852b197b8f0c78402f6918af5d3012681e9c32f0Ubuntu Security Notice 4630-1 - Hanno Boeck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code.
ba4b2429461eb8d684ebc279cf9e14a67389506861773ebb0ad900b8281137f9Ubuntu Security Notice 4629-1 - Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execute arbitrary code.
6a94bca2d157fa53ce20f3267659c1f8775fc53a3a5bb8aff7b365d10d7a1283nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
9cc19b959142f78e2035d4131c1db432e2baa42ed9cf928b82aa0658b026f5a3Microsoft Windows suffers from a local spooler bypass vulnerability.
61c3a397ee51f0006b58ad2f59a3812935b74612177c4a79db2bb0053572084dCall For Papers for the No cON Name 2020 conference. It will be held online December 18th through the 20th, 2020.
258d7354f7e434b02414550ee6297dcb990eafcdfc13e3f9c2f1d1c9c0384bc2Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability.
ca580474c4352a83ccf836e4c821b28a3d68feeae7b03c42d7fdc81b1152616cCustomer Support System version 1.0 suffers from a cross site request forgery vulnerability.
39eebd3c8d49cf61712b725a7d80c7b5f0c4c8ab2185d9d0745408abb2aeeca6Customer Support System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a0e28fc74e96b490350e9e6a49dc13c4778cbfcc47f431076847ac79e42185fcRed Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
51a4d744605ca328594e02d8bd9ebbb530a2ad8fdd07fc010928825fae10d7dbRed Hat Security Advisory 2020-5083-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Issues addressed include an information leakage vulnerability.
42190c7282f4c658e06279bcc5b86c128045392c4b64b9bcd37543f7b7328ebaRed Hat Security Advisory 2020-5084-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 6.
810df6007af8640bf65333e5350e4d25a7d78d5c22eaafd4e927d85cf5d7dc9dRed Hat Security Advisory 2020-5085-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
9a41119a77130e5b108d0b2682cd5c7897e78cb3f0df6c5b2a2531237f2746a0Ubuntu Security Notice 4628-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
ac81944641dddf11488a9bdf22af1912f755f581de876af8741696bae832e3faGentoo Linux Security Advisory 202011-14 - A vulnerability has been discovered in MariaDB which could result in the arbitrary execution of code. Versions less than 10.5.6 are affected.
e8964319575a5fd75c91c70fed1bb5d7380caf7d6c3bb395749bf42168c34776Gentoo Linux Security Advisory 202011-13 - Multiple vulnerabilities have been found in Salt, the worst of which could result in the arbitrary execution of code. Versions less than 3000.5 are affected.
abb5e03a5ec887de7abc41bf6db230426d3a812179a8d18df5eca701d9593ba9Gentoo Linux Security Advisory 202011-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.193 are affected.
a9b46f9ccc5ada73083a35dfb54fe083fb56da19b0176cde5ff2317d560ecdb4Gentoo Linux Security Advisory 202011-11 - A privilege escalation vulnerability has been discovered in Blueman. Versions less than 2.1.4 are affected.
d1a319518d23072df82ddb23e7ac8498b8ce75a7ced766173d542640e3bbaadcGentoo Linux Security Advisory 202011-10 - A buffer overflow in tmux might allow remote attacker(s) to execute arbitrary code. Versions less than 3.1c are affected.
3a64db7c5da2c31d810955dbc3a511942efbc0c651b4fcf238e960d1eeef51f0Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.
5d95ad52fc75012ed91b82e53b3043a7867fe90adef97e5fe61a56d75c7075b6Gentoo Linux Security Advisory 202011-8 - Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.0 are affected.
d95126e43cf4f2925a9ca199805ec8d7701fcb53532187933665015aabaa5283Gentoo Linux Security Advisory 202011-7 - A use-after-free in Mozilla Firefox might allow remote attacker(s) to execute arbitrary code. Versions less than 82.0.3 are affected.
4b1912ff8b58ae3cf8446bb5011eb79c7f84492c870faefdbcf52fd29fa26f61Ubuntu Security Notice 4627-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information.
227bbb50540c4cabb720611110526d2fb41ccd194cad0f53df0c5ba196ab8ca2Ubuntu Security Notice 4626-1 - Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
da25d2442e323c1c467af193e2d689c49f1e62e8fb167128f9827485fabcdb89Red Hat Security Advisory 2020-5079-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
7c9ef1548ac41342b416f02ddc9fc09baced0e913efd0d26756e653636915787
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed