The call for papers for hardwear.io 2021 in the Netherlands is now open. It will take place October 28th through the 29th, 2021 at NH Hotel Den Haag, The Netherlands.
68c8cf7a45d193d9d0d1360a6d987ce1ee4b0018bcef8b1a265a29c1fb7d7a14
Apple Security Advisory 2021-07-21-7 - Safari 14.1.2 addresses code execution and use-after-free vulnerabilities.
704085a2e819a5951d974f27a4837d1d8f0e0185d1faede3ed42513625d1eab2
Apple Security Advisory 2021-07-21-6 - tvOS 14.7 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
15e206ef34c8acb3c4b84465c1f65a0de257d34e15421f31b0b4d02179e52590
Apple Security Advisory 2021-07-21-5 - watchOS 7.6 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
f1b361d5c80fd26cdf30aee03346f0e7d1e462f2a4cef5e95296af910ccc7ec5
Apple Security Advisory 2021-07-21-4 - Security Update 2021-005 Mojave addresses code execution, double free, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.
e21f56d5a667fcc5ff7b65c8716a46a90e4fa303e50daa8548cf0fc30181d8d7
ElasticSearch version 7.13.3 memory disclosure exploit.
9a4add6c13c0ca5bf368c54fa1101802fefdcef94378b62f10449135ae596c5c
Apple Security Advisory 2021-07-21-3 - Security Update 2021-004 Catalina addresses buffer overflow, code execution, double free, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.
b3d2847fff9a95383950811d3cc281863681b89bbc0181e1f8fbd3f3f4a72b74
Apple Security Advisory 2021-07-21-2 - macOS Big Sur 11.5 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
f1b1ad2b7946e49168d2827b239b02d15826660e1fe96ee4118da01db9e6d196
Apple Security Advisory 2021-07-21-1 - iOS 14.7 and iPadOS 14.7 address buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
29358ea6cdd8675eaaf91eba676a9319ca50958300cb7768aafeb2307f7ade9a
Microsoft SharePoint Server 2019 remote code execution exploit.
46e9d1239eeb594d08bb2032164a87b9a5b13bfc22da02cdddd6ca552f3b5850
Gentoo Linux Security Advisory 202107-52 - Multiple vulnerabilities have been found in Apache Velocity, the worst of which could result in the arbitrary execution of code. Versions less than 2.3 are affected.
a151f0d600f0a5f670087824f86c2e5c25a0bbb058b16243c5cc875ab0913975
Gentoo Linux Security Advisory 202107-51 - Multiple vulnerabilities have been found in IcedTeaWeb, the worst of which could result in the arbitrary execution of code. Versions less than 1.8.4-r1 are affected.
a0774dc797109d9b3618c661a3e98a6c00269145ee292208e88d6da3e2c1fdd4
WordPress Simple Post plugin version 1.1 suffers from a persistent cross site scripting vulnerability.
5399db22e471fc6f6d3d5b99b5680ea7c890cd13fb99ab57ac400213e2b6b770
Depending on the timing, it is possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake.
f908e37fa6bf92ff245d1f52190b304b3ef6738cc22397a7a0ad4665b63b3f39
If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk.
4b4013dde28ebd85bf26ab9c3fd8cf604c2de2c7aacef317b575436966ddf0a0
When Asterisk receives a re-INVITE without SDP after having sent a BYE request a crash will occur. This occurs due to the Asterisk channel no longer being present while code assumes it is.
ed776e0af45a5b2a169abf425e456827171d23d6768bff6373779d772dd49e62
Ubuntu Security Notice 5021-1 - Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. Various other issues were also addressed.
7ac8b3d2c694f2858e4713261d1ae24b6f8a1aae63be74dbdc2984959e7d4c58
Red Hat Security Advisory 2021-2866-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.
d6d9da65f13da7bd76c524af0be7f2b3807d6a80218366fd83a1fcb23d20f182
Red Hat Security Advisory 2021-2865-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution and denial of service vulnerabilities.
ce9968ff4577033a91a08ac4e693f7ae3c886e4bcb370b3eb85795db47a2a9d5
Red Hat Security Advisory 2021-2736-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.
1fa632f28d5e605ea0ec82cfb7ecd3c710ed64a96ecae4e68f689247c4013aa9
Red Hat Security Advisory 2021-2779-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
aacb10ef0b6fd4316b022328b4531163cd36123f2e4c9fc9bcd4b4a84e971e43
Red Hat Security Advisory 2021-2780-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
4834f7a89b1c105c8c634d270a29e092dfbba1336b090fde6cfce50e35c48a75
Red Hat Security Advisory 2021-2777-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
39701e076729f2dbf50ed75ccf5d34ae1a75adac7c46b433300189fdc0d76b7a
Red Hat Security Advisory 2021-2778-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
1c017048ac46160e63782702866696d00843d69e0de717523dd8f8d936db5f02
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages, and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
3005346e90339c18a4c626169c6f1d9fb8643bb0d0a049bcaf64b7ccb4fd272c