Gentoo Linux Security Advisory 202107-50 - A vulnerability in Singularity could result in remote code execution. Versions less than 3.7.4 are affected.
275b6d1f9a321457af31fe60a31dd40995d53cd5bbd8166a942bbdd7b2876d20Gentoo Linux Security Advisory 202107-49 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 91.0.4472.164 are affected.
3544ab6bea8c304bbd61204ad791443d4540519c4a76f43c18d2536e37049c87This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv's administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service.
11ca07000040b6eeef671ec41e35ce376417e3fd24529a7485ed79fb91760b98This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension which should be of SGBP type. Then, the uploaded payload can be triggered by a call to /wp-content/uploads/backup-guard/<random_payload_name>.php.
3cec1dda9d347f45f65889e051e7fd1d9dc38d9c3e6197d8f4224ca67cb32a27Ubuntu Security Notice 5020-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Various other issues were also addressed.
ef2211358578c8a48450c1d52656dc5137ab6ffad837d9d5b87e19b92ac24d05Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.
0c0b69962c7c4951fd574d5a8b85049490d77ada7568b05cfb4bce7ca40aa09aAmpache version 4.4.2 suffers from a cross site scripting vulnerability.
fbaa085dd0c243267363f1e9c295518b70093488777de8235039d712c45a208fRed Hat Security Advisory 2021-2737-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.
2e5b80333758444ee18869e9bb1536cdf3c1792d73a5b2e1de77d5239e912e20Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1662afa72f2d87642296df471f8381898778a05e1750f09020f156f39446b6cfRed Hat Security Advisory 2021-2845-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
14d162c8e1316bccab02cd7a8504bb9b2a92fb0049e99284bcb7eca8e255b8b7Red Hat Security Advisory 2021-2774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
7722859b70b9baffbabc2bcd6637dc3b8af980e66ce4be95bde65db936867933Red Hat Security Advisory 2021-2775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
b9cf199f088dfce9046d0d90f0848c3db6f234832de5a8bcdd8c34f677cdd9aeRed Hat Security Advisory 2021-2776-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
642e14f127e6c7de91001cdf6af2943ebdcd98bcf87bda0c9e3777a80b12430bRed Hat Security Advisory 2021-2784-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
3668d782aa0f0195717706cd44e29ad86c6c4a773647ac31d06c55b1c7553f78Red Hat Security Advisory 2021-2782-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
3615f36a389e27cb670dfae18fa030d7079ef2cb2aa9dbcc4aeb71d10a0f83efRed Hat Security Advisory 2021-2781-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
375f798975fcd7beb874e7a0830d3f1db9a153d6a78f8c63133c4a6a5e34c104Red Hat Security Advisory 2021-2783-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
2df66483f79cd2b728026370898409033dd9cb01420aa2790691627f7b167c35Ubuntu Security Notice 5019-1 - It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
e6e69edde81694ccca4857d34ea5053391544a93ca6ee3f2f43fe519243fc41cRed Hat Security Advisory 2021-2725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
839801d043758f7e24d6866c3d962cab1678aa56dbae96ccf9380109e7674816Red Hat Security Advisory 2021-2726-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
d6efc4fe2546e1493ba8e36a97c8fe29405d425bb301d46e0f650cdaf1e8942eRed Hat Security Advisory 2021-2728-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
d43770786054aac5b8cc61fbf199a0182de62f1b498cb7938b8816c513a0b04cRed Hat Security Advisory 2021-2729-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
bf7f86cf504a3fe0a68f264a3fc9d99b6cde2e998fa085b4a75c1857e5653d62Red Hat Security Advisory 2021-2717-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
49357106858273625c50cbbbf7aa805b520a15a7f756cc4afa05d739032bd5bcRed Hat Security Advisory 2021-2716-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
d2b0e265f99beeeea554dd55591382009c12d9fd25667c86da3b52321a68846eRed Hat Security Advisory 2021-2720-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
4ed594fb576d3f8b864ea7e28b5b4e3fa88ef75b4717b44ff007afb33ec36a7b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed