CHIYU IoT devices suffer from an integer overflow denial of service vulnerability. Affected devices include BIOSENSE, Webpass, BF-630, BF-631, and SEMAC with firmware versions prior to June 2021.
Several IoT devices from the CHIYU Technology firm are vulnerable to a flaw that permits bypassing the telnet authentication process due to an overflow during the negotiation of the telnet protocol. Telnet authentication is bypassed by supplying a specially malformed request, and an attacker may force the remote telnet server to believe that the user has already authenticated. Several models are vulnerable, including BF-430, BF-431, BF-450M, and SEMAC with the most recent firmware versions.
Red Hat Security Advisory 2021-2204-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2021-2206-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.
Red Hat Security Advisory 2021-2208-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.
Red Hat Security Advisory 2021-2203-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.
PHP version 8.1.0-dev remote code execution exploit that leverages a backdoor under the User-Agentt header.
Red Hat Security Advisory 2021-2205-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-2210-01 - These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes were made to the EAP XP1 code base. Issues addressed include bypass, code execution, and information leakage vulnerabilities.
Ubuntu Security Notice 4976-1 - Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks.
Ubuntu Security Notice 4975-1 - It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. Various other issues were also addressed.
BasicNote version 1.1.9 suffers from a denial of service vulnerability.
Blacknote version 2.2.1 suffers from a denial of service vulnerability.
Notepad Notes version 2.6.7 suffers from a denial of service vulnerability.
ColorNote version 4.1.9 suffers from a denial of service vulnerability.