Ubuntu Security Notice 4968-2 - USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
82af8b5f2df1dbee5f397fdec283ce1312ffcfd090e73923701d2913c7d88366Red Hat Security Advisory 2021-2147-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.
6aee07fca9b8500397e195d8b44bf16ccde143d5e4e22f12dbb91af89d120f57IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPS\cms\modules\front\pages\_builder::previewBlock() method allows to pass arbitrary content to the IPS\_Theme::runProcessFunction() method, which will be used in a call to the eval() PHP function. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires an account with permission to manage the sidebar (such as a Moderator or Administrator) and the "cms" application to be enabled.
392b40ad40c330e4deb04c99f4ff988666d96d0c4e3c606a17ec99241047911aBackdoor.Win32.WinShell.a malware suffers from a code execution vulnerability.
2acfadfd50c717b16b09111c60577beb07fe2c6d4666c82b7fb0e69c5a129873The document in this archive illustrates using the included proof of concept exploit to achieve root on Ubuntu systems using a flaw in the OverlayFS file system. The exploit itself does not have author attribution as the proof of concept came through SSD Disclosures.
7380c1055909d23c493abb4f5067d3428e536c6a0041025856be420b9c8732fbRed Hat Security Advisory 2021-2145-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime.
92bbc6eb9ea686ce33c222dbcf938d193f7b48b7fead884a832d0a3f105fc160PHP version 8.1.0-dev unauthenticated remote command execution proof of concept exploit that leverages the backdoor.
f726aea9ab9a0663c00691675009247212802a4e2f78a7fb5cea2c34dc366e86Backdoor.Win32.Whirlpool.a malware suffers from a buffer overflow vulnerability.
a7328f384cdc732a49e33d0569c16aeda57cadf3dcd1a21e7595ce4a1c88fa01Backdoor.Win32.NetControl2.293 malware suffers from a code execution vulnerability.
2a63a0bd27bc876d26c73153ba8746836b037966ccf05fc460ac0181600cb7a1Red Hat Security Advisory 2021-2144-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.
742bf71ea07a32f9899dc8ae4b57c27371cfb3e9a6e4e3b8868c253deb322207Backdoor.Win32.Netbus.12 malware suffers from an information leakage vulnerability.
48d2d233dd3c0522e78191a1e92f861eadcd7f6a67bf56cb2e72f6192867f7fc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed