Debian Linux Security Advisory 4907-1 - It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution.
dddfc0d1a34bb295cdb7f0ce6dbeceacc8b317559a41eae4a91b2a1a41a4eddfDebian Linux Security Advisory 4908-1 - It was discovered that libhibernate3-java, a powerful, high performance object/relational persistence and query service, is prone to an SQL injection vulnerability allowing an attacker to access unauthorized information or possibly conduct further attacks.
916cc89b698ba282a81fd6c600086d11950667adc8ce56a8ab2de7689a7491ecPFSense version 2.5.0 suffers from a persistent cross site scripting vulnerability.
02b3a89e00b1d86a0f7404761e5aeb0f3dd4630b2ce7e4c2b07ba93c7ea691c7Android suffers from an out-of-bounds write in the NFC stack when handling MIFARE Classic TLVs.
95f7586d9c9572c817ae465d9365cac1a950277dfa2d9ddeb3aefcc41ac59f17Ubuntu Security Notice 4913-2 - USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.
350842fbaf82976892c3b2250d8ba9dc8abe42dafa6dc96be447160cbd0be785Red Hat Security Advisory 2021-1445-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
f39f12457d3896a23f8ec61fbd3323b3d526ac5fc1937e94eb52833e393a0c99Red Hat Security Advisory 2021-1444-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
67da5369420e42e2b6feb420d31d92a1933c5b8300d29f55886dec76454efa17Red Hat Security Advisory 2021-1447-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
ed4a62ba45bff85e8242bba3d7f3c8cc561f2458ef479e97dc2205e349a83330Red Hat Security Advisory 2021-1446-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
7d31c4569458e924cd19179aaf08dfb777a837862e844dc0f3595d04c32cf13aApple Security Advisory 2021-04-26-10 - Xcode 12.5 addresses an arbitrary code execution vulnerability.
39bca81a5aa62d2d72980d7d122769fc684d6c93ebeed0118673d5f8efea0142Apple Security Advisory 2021-04-26-9 - iTunes 12.11.3 for Windows addresses cross site scripting and use-after-free vulnerabilities.
9848c27f83eb8f5d1254ad26ca3ef1b6b90d014aa47b43accc73d9cf54be7dd1Apple Security Advisory 2021-04-26-8 - iCloud for Windows 12.3 addresses cross site scripting and use-after-free vulnerabilities.
1cc4cfa6ea95e459ca4e074d427d422a9ef72cb62dc2d792802255eccb655918Apple Security Advisory 2021-04-26-7 - Safari 14.1 addresses cross site scripting and use-after-free vulnerabilities.
29a85fa1788d03670052569ad7bf4cddba2ac3d0dd991d3e8a3d7672f27c5b29Apple Security Advisory 2021-04-26-5 - watchOS 7.4 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
3e357f4d6d06f16607fdeb6cf917cd41d9d934d89fccbc721167051b21f0c071Apple Security Advisory 2021-04-26-6 - tvOS 14.5 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
57a6f83c8c9d03b7614b353da89b5804119ed1c188a18f265edfe21aebd06084Ubuntu Security Notice 4892-1 - It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm.
64ef438cfc12a8ae23f0eaeed427df1ff06a2de636cd97ab1965760863f84153Backdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.
f46ad9d6ff8413bc6b571690fc3661a3308a61b6a2b3b6ba4da2b61e6ce40019Backdoor.Win32.Agent.afq malware suffers from a directory traversal vulnerability.
c61586efd542ab899a2ca890fdb49d1bd00571af2de1dcbeacaa29cef23b2fdfWhitepaper called Root Detection Bypass with frida-push and Objection for iOS and Android. Written in Turkish.
45f36c6bf6ed685564a83d35c56a32d92feeddf07e9da89b13871d883ea28671Red Hat Security Advisory 2021-1407-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
1f4ea13c0675289defaa946720a34c6979da925604bff0a8ee4064cb8b899470Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.
a9d09c7f970e183298b90b8052e3412ba79d05b1448bd2d0c9c5ff3dfc4ead5bApple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
085c6075d838947dd67d434b7dca655198a676e3fba244100c6a5b22d8c8e963Backdoor.Win32.Agent.afq malware suffers from a missing authentication vulnerability.
66a256be78a2b1d91b956393409c7f0a32d982b983ecafe35a22a1891897363bApple Security Advisory 2021-04-26-3 - Security Update 2021-002 Catalina addresses buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
9fb4794f7521059a8704f973e8f3f52c8d67eaf416db339cd80d4855e58d63e0Kirby CMS version 3.5.3.1 suffers from a cross site scripting vulnerability.
6df556d967d4440fd3638967713eded85af7415cf01753ccabeda76f5d9fa161
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed