Montiorr version 1.7.6m suffers from a cross site scripting vulnerability via a file upload.
5e6dcee09ca3a6208dca09fa733156105f960720d70334ae602f8f337f70aaa0Red Hat Security Advisory 2021-1373-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
1f4d9d0e249812a79e1d8846ca1ee2bd1ed40eb3dd88b4c6ea3ae28227ac7239Ubuntu Security Notice 4922-2 - USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Various other issues were also addressed.
96b1c27761aa4515d434bb88738c784659440ebe67ff98e0ef81fba1977acc46Ubuntu Security Notice 4927-1 - It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.
533d077593a89bffc8dcc218ea5f2c07595f00138c5d741deece8f4a4971ceafRed Hat Security Advisory 2021-1225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
3a05bad80a674718355ebe46f5046e9703939e28d4e4b101737c1cfa71cb54d0Red Hat Security Advisory 2021-1369-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.
019fe35bad08451966b333b48fcaaaf15597ee545c7cbbff9ea4261482d338dfRed Hat Security Advisory 2021-1227-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
350fe9c8bdf5243a8fa4a7c0e6374dcb823da4a150e6064f7632a623c698cf6fRed Hat Security Advisory 2021-1363-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
1f13cac2e9bf55b3d937c02a0f2822cb7a9c8825fa475eb6e47ca9b4a675fbecRed Hat Security Advisory 2021-1361-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
06a96adc0cb4686dfca9e0532a5b12b3eaa30ac5119917c747f6e69c8502f147Red Hat Security Advisory 2021-1360-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
b3a1dce547d647bb72354e1d6bd119dc0341fe07198dd37451b7ab89ead4a09aRed Hat Security Advisory 2021-1362-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
1920fc851fca65a2f7bb1803c762e0d503e1d8f744bd2136d5cf375badca3708Red Hat Security Advisory 2021-1350-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
3b714c0d61188b89eb22df6e2ed72e9a299bbb5e5d6a91e9c762d3071f86d9d9Red Hat Security Advisory 2021-1352-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
f01e95af13ef5e8ef1f695e64073c2cf1619119c6ea9f99a7d700c9057af96c6Red Hat Security Advisory 2021-1354-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML.
1043af174a102c2f243bdf436f3630dae7f8386abfdc9c588d4c9e75061e0d43Red Hat Security Advisory 2021-1351-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
9cb9c1c658e85899c18462a7ae12fcf7560d19e10446376cc29b65337a2b9051Red Hat Security Advisory 2021-1353-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.
577ff192187d01b6d5999811959645ea5037d51fe42ea70deb2e5e2a1ed836c3Hasura GraphQL version 1.3.3 remote code execution exploit.
fd1bd472d72681b6bea0f117f6be6354dd7d97665b44e8f65f4f6a6b4af05267OpenPLC version 3 authenticated remote code execution exploit.
65b0210385b608740a93271d55b93113eacb1472f424450c8a33864212b6c54dSEO Panel version 4.8.0 remote blind SQL injection exploit. Original discovery in this version is attributed to Piyush Patil in February of 2021.
1484a300db9ca4769e7f8862d2b2c8deb6c8fe61ea69d300b5d0d81c9690ea4aWindows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability.
32a3533c7499f0b1656df4f46d4c4091cf67f7d914aa53d3ffec372e45979b20Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability.
e69f213893c264746d1b1bde4cd255d1442b5c6ca56cbc76a86e46788c6af3edThe openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
7c3e540b757fe35de15f21a849f1afa4d3776ee3279276ada4ddd3506c3679c2Ubuntu Security Notice 4925-1 - Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content.
6ad6f608a285dacbd171aa3b9be8cc237c897d08f93bc06eae2531fcf9bbea12The Sipwise application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Versions affected include CE_m39.3.1 and below and NGCP www_admin version 3.6.7.
7af65ecb81ce4b4c1a3d5b2e77c78c1b93a601f5b442985ac77bb97f00dc5731Red Hat Security Advisory 2021-1342-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
c4c88e982d5950f25ad969831eb6d229715ff1c644687edcd83377d4672a933e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed