GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
c498db346a9b9a4b399e514c8f56dfc0a888ce8f327f10376ff984452cd154ecRed Hat Security Advisory 2021-1289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
1e96302895692c9b0b8a92fde4ae595a9e423236811fe1c45255a7d1ae4122f8Ubuntu Security Notice 4563-2 - USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service. Various other issues were also addressed.
ef6673d3e576a3567906a1a9483b4e96e99f9e148da6768d28a1344aae2f13f7Red Hat Security Advisory 2021-1288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.
9c60a61a3776daa86b179eb717f96ed14b2dbca64e254ce97ef039b80693d81fUbuntu Security Notice 4918-2 - USN-4918-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
681383bb285c54714a7e76c6a451892e03f70f0a312dfd9c35cefee9e898cd2fMicrosoft Diaghub suffers from a privilege escalation vulnerability.
844a4c936f2538ce3463038b174f339bb043e808dd20dea21867c792cccc8425Ubuntu Security Notice 4919-1 - It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code.
1df3203dfcd132b2d94298077fedeb17ca3e5f826e72ea5070c9d402f0ae889aScapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
cd2aadf020f60102c0fc1c54a2542985adc9371572d3088376c613e1b71f8c53The Call For Papers for nullcon Goa 2021 Physical Edition is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place in September of 2021.
bee57f85f5623301db812f84468ae733a082dcbc512db01378d670d6b22d105dRed Hat Security Advisory 2021-1272-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
bfa6496841ee1542d7ef708aa85e207819c0b0b16efa6615342e515334574151Red Hat Security Advisory 2021-1279-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
06958093299fa651850055c7fa9da79e2749b53f718ef6c16c055427660fd868Red Hat Security Advisory 2021-1266-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
3ea7c9be6fbc9e9091f64b909707dc04a8905cee3db19b722c86b536b06fe1dcUbuntu Security Notice 4918-1 - It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
ff4a3c55b2ef4b088ea2825e9e987101a1107644722f408f0e19e9cf2d45e7d0Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities.
61fbf8e898e5647475b75b14d238a14e644554ce2d678e64107b734ed94f6275Red Hat Security Advisory 2021-1267-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
852eba6751ddd66508e851c03236045ae5401c6808fde942430dec587e1b9abcPhone Shop Sales Management System version 1.0 suffers from a remote shell upload vulnerability.
a9d783359f5681aecb35f681452b1256db981ccbab1c518a9d5c58b33c753964Red Hat Security Advisory 2021-1260-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.7.0 serves as a replacement for Red Hat AMQ Streams 1.6.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an XML injection vulnerability.
e0b81f5d0387311e1b5ac88ce04430cc7c74c339150ee560224ac6864c135316Red Hat Security Advisory 2021-1263-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.
c1d1771bc040c47fa5bc3d0a3ea1836b0ebcfdba2b46e3e5630e0cd1a0c0fc6fCisco RV-series routers suffer from an authentication bypass vulnerability. The RV34X series are also affected by a command injection vulnerability in the sessionid cookie, when requesting the /upload endpoint. A combination of these issues would allow any person who is able to communicate with the web interface to run arbitrary system commands on the router as the www-data user. Vulnerable versions include RV16X/RV26X versions 1.0.01.02 and below and RV34X versions 1.0.03.20 and below.
f3c8685d841186aca43bc22f8ed2b32e8512c7730129f2ed6fe20f360378fa91
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed