Gentoo Linux Security Advisory 202107-50 - A vulnerability in Singularity could result in remote code execution. Versions less than 3.7.4 are affected.
275b6d1f9a321457af31fe60a31dd40995d53cd5bbd8166a942bbdd7b2876d20
Gentoo Linux Security Advisory 202107-49 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 91.0.4472.164 are affected.
3544ab6bea8c304bbd61204ad791443d4540519c4a76f43c18d2536e37049c87
This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv's administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service.
11ca07000040b6eeef671ec41e35ce376417e3fd24529a7485ed79fb91760b98
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension, which should be of SGBP type. The uploaded payload can then be triggered by a call to /wp-content/uploads/backup-guard/<random_payload_name>.php.
3cec1dda9d347f45f65889e051e7fd1d9dc38d9c3e6197d8f4224ca67cb32a27
Ubuntu Security Notice 5020-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Various other issues were also addressed.
ef2211358578c8a48450c1d52656dc5137ab6ffad837d9d5b87e19b92ac24d05
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.
0c0b69962c7c4951fd574d5a8b85049490d77ada7568b05cfb4bce7ca40aa09a
Ampache version 4.4.2 suffers from a cross site scripting vulnerability.
fbaa085dd0c243267363f1e9c295518b70093488777de8235039d712c45a208f
Red Hat Security Advisory 2021-2737-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.
2e5b80333758444ee18869e9bb1536cdf3c1792d73a5b2e1de77d5239e912e20
Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1662afa72f2d87642296df471f8381898778a05e1750f09020f156f39446b6cf
Red Hat Security Advisory 2021-2845-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
14d162c8e1316bccab02cd7a8504bb9b2a92fb0049e99284bcb7eca8e255b8b7
Red Hat Security Advisory 2021-2774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
7722859b70b9baffbabc2bcd6637dc3b8af980e66ce4be95bde65db936867933
Red Hat Security Advisory 2021-2775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
b9cf199f088dfce9046d0d90f0848c3db6f234832de5a8bcdd8c34f677cdd9ae
Red Hat Security Advisory 2021-2776-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
642e14f127e6c7de91001cdf6af2943ebdcd98bcf87bda0c9e3777a80b12430b
Red Hat Security Advisory 2021-2784-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
3668d782aa0f0195717706cd44e29ad86c6c4a773647ac31d06c55b1c7553f78
Red Hat Security Advisory 2021-2782-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
3615f36a389e27cb670dfae18fa030d7079ef2cb2aa9dbcc4aeb71d10a0f83ef
Red Hat Security Advisory 2021-2781-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
375f798975fcd7beb874e7a0830d3f1db9a153d6a78f8c63133c4a6a5e34c104
Red Hat Security Advisory 2021-2783-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
2df66483f79cd2b728026370898409033dd9cb01420aa2790691627f7b167c35
Ubuntu Security Notice 5019-1 - It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
e6e69edde81694ccca4857d34ea5053391544a93ca6ee3f2f43fe519243fc41c
Red Hat Security Advisory 2021-2725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
839801d043758f7e24d6866c3d962cab1678aa56dbae96ccf9380109e7674816
Red Hat Security Advisory 2021-2726-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
d6efc4fe2546e1493ba8e36a97c8fe29405d425bb301d46e0f650cdaf1e8942e
Red Hat Security Advisory 2021-2728-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
d43770786054aac5b8cc61fbf199a0182de62f1b498cb7938b8816c513a0b04c
Red Hat Security Advisory 2021-2729-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
bf7f86cf504a3fe0a68f264a3fc9d99b6cde2e998fa085b4a75c1857e5653d62
Red Hat Security Advisory 2021-2717-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
49357106858273625c50cbbbf7aa805b520a15a7f756cc4afa05d739032bd5bc
Red Hat Security Advisory 2021-2716-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
d2b0e265f99beeeea554dd55591382009c12d9fd25667c86da3b52321a68846e
Red Hat Security Advisory 2021-2720-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
4ed594fb576d3f8b864ea7e28b5b4e3fa88ef75b4717b44ff007afb33ec36a7b