Debian Linux Security Advisory 4907-1 - It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution.
Debian Linux Security Advisory 4908-1 - It was discovered that libhibernate3-java, a powerful, high performance object/relational persistence and query service, is prone to an SQL injection vulnerability allowing an attacker to access unauthorized information or possibly conduct further attacks.
PFSense version 2.5.0 suffers from a persistent cross site scripting vulnerability.
Android suffers from an out-of-bounds write in the NFC stack when handling MIFARE Classic TLVs.
Ubuntu Security Notice 4913-2 - USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.
Red Hat Security Advisory 2021-1445-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-1444-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-1447-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-1446-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Apple Security Advisory 2021-04-26-10 - Xcode 12.5 addresses an arbitrary code execution vulnerability.
Apple Security Advisory 2021-04-26-9 - iTunes 12.11.3 for Windows addresses cross site scripting and use-after-free vulnerabilities.
Apple Security Advisory 2021-04-26-8 - iCloud for Windows 12.3 addresses cross site scripting and use-after-free vulnerabilities.
Apple Security Advisory 2021-04-26-7 - Safari 14.1 addresses cross site scripting and use-after-free vulnerabilities.
Apple Security Advisory 2021-04-26-5 - watchOS 7.4 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple Security Advisory 2021-04-26-6 - tvOS 14.5 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Ubuntu Security Notice 4892-1 - It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm.
Backdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.
Backdoor.Win32.Agent.afq malware suffers from a directory traversal vulnerability.
Whitepaper called Root Detection Bypass with frida-push and Objection for iOS and Android. Written in Turkish.
Red Hat Security Advisory 2021-1407-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.
Apple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Backdoor.Win32.Agent.afq malware suffers from a missing authentication vulnerability.
Apple Security Advisory 2021-04-26-3 - Security Update 2021-002 Catalina addresses buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Kirby CMS version 3.5.3.1 suffers from a cross site scripting vulnerability.