Debian Linux Security Advisory 4939-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
7b50a15c1add6bc56ecf019ef10497c2efbc1ba43e512c66383a647502a92ccaDebian Linux Security Advisory 4940-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
a5e3c708266685aeb96e7eac631ca4f2a6eef78065d06f559908a822526ab1d5Debian Linux Security Advisory 4941-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
9e4606f89d1986908d6e85cb89fbdb57f27c0579df76bf6f6ebb8845f2929900Debian Linux Security Advisory 4942-1 - The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca() function could result in memory corruption, allowing to crash systemd and hence the entire operating system.
a2e04b6dd6b4135945ca528b3aaaa92706651638cca02879f67327677470b03dDebian Linux Security Advisory 4943-1 - Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an attacker to increase its authentication level or impersonate another user, especially when lemonldap-ng is configured to increase authentication level for users authenticated via a second factor.
09d0700a290d154bf2f6f5a21887040e4a7e0ff61710ae283859aaea342ab1fdDebian Linux Security Advisory 4944-1 - It was discovered that the Key Distribution Center (KDC) in krb5, the MIT implementation of Kerberos, is prone to a NULL pointer dereference flaw. An unauthenticated attacker can take advantage of this flaw to cause a denial of service (KDC crash) by sending a request containing a PA-ENCRYPTED-CHALLENGE padata element without using FAST.
42036edebb28009c78bc3526ed1cd53c67ee4d42a4bd26657d2433b71b487a10Debian Linux Security Advisory 4945-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.
db3773c5f5bf9c0bc82d8e7414f94ae18cb4a5da421a3c58bb325df00ee051bfDebian Linux Security Advisory 4946-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in bypass of sandbox restrictions, incorrect validation of signed Jars or information disclosure.
7f41ce213e4d1a4c11df0c9bae9ce5763fd51d9c8a0975b24d5832be5dee34feDebian Linux Security Advisory 4947-1 - Andrea Fioraldi discovered a buffer overflow in libsndfile, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.
fae8abc77ee669212af806a36de566251697768d968dc6604c4725e5f02ea1c9Red Hat Security Advisory 2021-2932-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.
7819eab95b801ee299b0c45f60fb153ccf55a8165bda9a4b92c9e354fa35c7d0Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability.
36bd0dcd70c37c0f6388382b04be4c7bcc24e363234f2224ab11193b7ad7cfbaRed Hat Security Advisory 2021-2931-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.
e59ed91a5edb1ab96597451d6ad951184459cdd8057a7fea7fee363d15069354Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.
fc40291e7f367fc138282d091bd129a8e4f3f89060b16b7bf82ad2b4becc1492Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.
44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6dDenver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell.
789b4b83a370842e480d42282232176547990a8306c7562bcb40708246fa13c9Red Hat Security Advisory 2021-2437-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.2. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.
7ec5b49853d7057879102f37d070eea1a55cf6c1c169311c047cfd931c993a81eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability.
86f82233af5a41046687330cd64e5466b63f4308ade16bd242d6db2f54261ee8TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
ba67407364e373aec38862e6aebf93a49d2b7648ca3308acedd73cf52d3ddd30Ubuntu Security Notice 5023-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
156bc1c098663f9088bc5c9b80c634b1d8421bedcb765fe98e6cf34acbf961faRed Hat Security Advisory 2021-2914-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.
4749a8dac7c32bbf30a18979d2fb85f48edd20feb6f2a9937618408bebf6b369Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center exposed a Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011, could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. Various versions of Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center are affected.
1d1e7afd06b6338674555bdc5902d12019ece6717146ea1deddafa1c4ec2dfffRed Hat Security Advisory 2021-2763-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Ansible is a SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3.
dd5bf4b47619cb7cf6a4d8e1c487c6dc69a9bf1975a74bdb6e734c3924fcf545PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.
0d7b754de6ea28230085a820164b59d8636ad39721aaac177baa5ce7b9713c5dWordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.
b785ce9bbb7301394cd05d0cd3354c1e425e2b69c30d276978e785ec476f8252Ubuntu Security Notice 5022-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
cb94354dd5f73441e1f7bbee5d5add0d9286fbf64dba06f3c307de072e01fa92
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed