Red Hat Security Advisory 2021-1515-01 - Openshift Logging Bug Fix Release. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
ab45aed5b4a37ed612ab3eec5c69b65457d5fa5f08b9853d3201be027d3943e6Ubuntu Security Notice 4938-1 - It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files.
54a6d8d64b2ff02f76daa157cff76e092dc434c7f8842ed4d5cd459159fbfa06Ubuntu Security Notice 4936-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. Various other issues were also addressed.
501454502ae69c1679ba468249f8ff39358baa3bba0fcb8166555d3966722930Red Hat Security Advisory 2021-1511-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7 and 8. Issues addressed include an information leakage vulnerability.
387d5225b90090472ff8b9f0012515e87a3db7b6ae3622b3eb769acfc9779fbeb2evolution version 7-2-2 suffers from a remote SQL injection vulnerability.
8fcf6780fb886e3f47d5c83ca222ec282932c012986ba997bf2b83f2e8991aeaWordPress WP Super Edit plugin version 2.5.4 suffers from an arbitrary file upload vulnerability.
c19dad04d0cbe3d7d7fae69d5db017f3d1ca56e8ec4f228cbbe8e1c65b228443Red Hat Security Advisory 2021-1512-01 - PostgreSQL is an advanced object-relational database management system.
029a15ceb03423f6a8f6471b0cdeb0454525bd3b92f2c481dd7512ca57038725Ubuntu Security Notice 4937-1 - Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.
cef58311b5408a11773fc9837781a00d24b3ee3c980444c649299495e43b149cSchlix CMS version 2.2.6-6 suffers from a remote code execution vulnerability.
700f19993f9ebc434a978671cc1e492fd859873ce13ee8cb5f325a47b438a4f8Schlix CMS version 2.2.6-6 suffers from a persistent cross site scripting vulnerability.
e74ac9b4de0b3702a29f0ef0c913390be485eb454ce19cee8a77ce29e4a19adcThis whitepaper discusses Pass The Hash attacks as well as the tooling needed to perform the attacks.
ec69b15d93c1429aef8bc4c36038e8b2055bb2f82cb8cb843752e4ecc59664aeUbuntu Security Notice 4934-2 - USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges. Various other issues were also addressed.
d84bb6e497884aa30f214eda6aa0699a170ef1533f22c816ec88d744923388bfjSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
fd59d2103793e3bc70faa07d858dbd00f7d7206758f08acdc980fd2df01e5a7cRed Hat Security Advisory 2021-1509-01 - Jetty is a 100% Java HTTP Server and Servlet Container. Issues addressed include a resource exhaustion vulnerability.
ba197d4fd14d678de290d2c037600d71497d1ff98c747ea93d15d1d0dc493336Red Hat Security Advisory 2021-1429-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an XML injection vulnerability.
080261f12c95415e46d2e885ab13d75245d27a7ac95fd992cb11dd540475be30Red Hat Security Advisory 2021-1499-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Issues addressed include code execution and denial of service vulnerabilities.
8ee86af2e6e5cf257adb8180ff1684b68bd6f19ef3a9e51835ae1cfb07136e35Red Hat Security Advisory 2021-1366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.9. Issues addressed include a denial of service vulnerability.
c810857c466a9352c66790ffdaec6d7df80cca900641ac2eacb806f1cde3a2e8Gentoo Linux Security Advisory 202105-1 - Multiple vulnerabilities have been found in Exim, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.94.2 are affected.
9641088a5d30400392651664cd8a2eda6036d0bb0367614d0ba89dcb7b10220bXmind version 2020 suffers from a cross site scripting vulnerability that can lead to remote code execution.
9757c91e04673c755b25bf670240e785e7efcfe03755886d3fc690564d3f0c52Tagstoo version 2.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
1eb5ee17df8e3d6fecf9805a9846cb22510ce5fa5eeaef4c201a9d07719f29cdMarky version 0.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
8547108d134e78458c80db70cc0b18ca1d736a915bb1e639cc8fcb7a33251049StudyMD version 0.3.2 suffers from a cross site scripting vulnerability that can lead to remote code execution.
0ff9332b58d61f24aca94ed47835f37b98d8ca2e4f55f336db9b7d204b5998baSnipCommand version 0.1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
92e4b128fffe9334009daffc74f886b760d48ca8bf11afbbe93a13ba3c4dfcd2Moeditor version 0.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
093b979ba75c8a308b73c7eff6a9e030b070e20498632044560f1774279ab55fMarkdownify version 1.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
024dcb90eab66768116b54f77c870cf874eeb87a45f3458b91e4ab6af36341d8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed