Red Hat Security Advisory 2021-2599-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass and use-after-free vulnerabilities.
328c5c026f32edfec51846f77f77425f5561fa6a3f2f3bb7afb29408f48a610c
Red Hat Security Advisory 2021-2563-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
29f95c53b6bede9ea1a91fa03ac102e733d991d467b629c0d7576f6b5debe95a
Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.
f3cd1db006604fa6b5ec96f64cd45152cf6b247c0b550fab1007a90fe65d5bff
Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.
7483c97d1f9fb372e81b8472c214b78b36b64578a63172ce3a020369a769c580
Red Hat Security Advisory 2021-2500-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.
7f470cc3a3c9b2403979f660d4869d6f9fd410719e628699aeb9ae7050ab28de
Red Hat Security Advisory 2021-2499-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. Issues addressed include a denial of service vulnerability.
fc33e3ccc5d69dcd993e15c937230658440ccc17e77d1efce3da137b504799bc
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.
49c4f1854b364aa7ea7083581351f867128e71ea783d0ecd71fc41bcf7f63584
ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.
49c30b8691d656d1bb19d03dc76bb300764a671ff450cedd6ccb6933b28818a2
Debian Linux Security Advisory 4924-1 - Multiple denial of service vulnerabilities were discovered in the Squid proxy caching server.
bb078100916e24e9f6fab4cdffd1581bfb25135effcfd1ea0796c419492e9ab7
Debian Linux Security Advisory 4925-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
09ec229ca6840202bfdbf708f98d63f641c195baf0610b351002f0358e983ebf
Debian Linux Security Advisory 4926-1 - It was discovered that lasso, a library which implements SAML 2.0 and Liberty Alliance standards, did not properly verify that all assertions in a SAML response were properly signed, allowing an attacker to impersonate users or bypass access control.
08b4234df9f67ce6f83c65e4a968d07d2850e3fecb674a809062330aa85eaef6
Debian Linux Security Advisory 4927-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In addition, two security issues were addressed in the OpenPGP support.
e0ff5e33191b62087e62de2b5a2c3cca3dcca60fb85771f7235a7b857d2bbe9d
Debian Linux Security Advisory 4928-1 - A buffer overflow was discovered in HTMLDOC, an HTML processor that generates indexed HTML, PS, and PDF, which could potentially result in the execution of arbitrary code. In addition, a number of crashes were addressed.
3adb57fed9a36d431320feca7d132e363d603300766a7e07b042afae3d855b4a
Debian Linux Security Advisory 4929-1 - Multiple security issues were discovered in the Rails web framework which could result in denial of service.
1091a50f475f452b0b0e98ad4fba5c90bfa36bbf394db0cec250f9a1ae236f7d
Debian Linux Security Advisory 4930-1 - Multiple vulnerabilities were discovered in libwebp, the implementation of the WebP image format, which could result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed images are processed.
076fcd6e03ca2eaad59debb93804cc23a1e47de27f0e9ebd6b36555e46e51cac
Debian Linux Security Advisory 4931-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service or information leaks.
253cc2500792fc288b35ca43884dc8a6c704282897366ece804cdf0be5ad85a5
Debian Linux Security Advisory 4932-1 - Multiple security vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could result in denial of service or spoofing.
18890b4acb8c50dc00ffb546ccde2e0a2dc9cfcb68bc471f1cfc92b5084e2ddd
Debian Linux Security Advisory 4933-1 - Multiple vulnerabilities were discovered in nettle, a low level cryptographic library, which could result in denial of service (remote crash in RSA decryption via specially crafted ciphertext, crash on ECDSA signature verification) or incorrect verification of ECDSA signatures.
2215cb9496006024c8f5c103dd9ae8a1ceb2a93d6d2ff478f20730eb50d664af
Debian Linux Security Advisory 4934-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities which could result in privilege escalation in combination with VT-d and various side channel attacks.
2333b3dca40ab7a756d37096ebf7a8e5e4f9fd7e2cb4a90a65fe71679e34f909
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
fab2eeb88db6a1f9b11eed6c490a6ca021dd6f8237a47b405d41bd041a36af45
Ubuntu Security Notice 4997-2 - USN-4997-1 fixed vulnerabilities in the Linux kernel for Ubuntu 21.04. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 21.04. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Various other issues were also addressed.
16f2c8cca9066cef3cbb8b6417110467cabb0932233c1b98fecf1f6a500fac6b
Constructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
f9de4beeccabbbacc6f282a0c87fbb59cbf7fb3821fe1d204bf99e19e0bb2667
WordPress YOP Polls plugin version 6.2.7 suffers from a persistent cross site scripting vulnerability.
37dfd8abad79e4b69350ef7295da874458a3b9b294f44696d84f80fef21ddd14
Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload.
c9257cef037dacedb3db4a1a6b67bd2fc2ac61defffc09745ac32d35d356bbcb
Netgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
f55265a3529db3a819eee1b0f00df0a280e909fc77f24c6ee5747d5c6d90f7d4