Red Hat Security Advisory 2021-3205-01 - A minor version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, man-in-the-middle, and traversal vulnerabilities.
2c0be2bf30994c0e78e9f0282ebe4ea1c42cf7bd92b633df388b40a2dc8c649c
Ubuntu Security Notice 5044-1 - It was discovered that the Bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4c707db347e5e85dd8a2e478b9d34805f370899a49b0eb92b09d5abeb6293712
Crime Records Management System version 1.0 suffers from a remote SQL injection vulnerability.
aab3ec0698141d1863877cdc50d2978c56680677d5a902d7f0a76e715b07fdd6
Hospital Management System created by kishan0725 suffers from a persistent cross site scripting vulnerability.
fba4631f14e90d73450defe4cb343ab885a20f7605579117cd8b3616832a11e4
Ubuntu Security Notice 5043-1 - It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04. Various other issues were also addressed.
3ac5d046dc916ad450b4a05daee42e21ff86c2bfbdef34c36a1944a33ecff6a2
COVID-19 Testing Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. This is a variant of the original discovery of SQL injection in this version as discovered by Rohit Burke in May of 2021.
4695735f83547741a3f18518c8125d1cef31a63355faaf9bf5a07a8dcf639bf2
Ubuntu Security Notice 5042-1 - It was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A remote attacker could possibly use this issue to bypass restrictions.
94f2382720f2438c1b7b3b9cfbfd4ec38d7056358dc4406a6cd5f058990a3ebd
Dancho Danchev wrote a personal 100-page memoir.
8768965b892b82131fe72867147c1aa8f5bde8ae1c52f43f5116c6cb6e7afd3f
Red Hat Security Advisory 2021-3173-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.
6706e39f297e107f1ff1e1751358e3c5457202daa6e0d94e3fed4e3dad19e2f8
This Metasploit module exploits an arbitrary file write in Lucee Administrator's imgProcess.cfm file to execute commands as the Tomcat user.
b2e56cd428c174bc04f6acc23c21f34ae6d9df79b2c9d12ca9619993ff6fa4b9
Red Hat Security Advisory 2021-3176-01 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include information leakage and privilege escalation vulnerabilities.
8932c00d1ea2a18dad753111afccfae29397628894b53501893ea1da0c57cfa6
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
ff665ce121b2952110bd98b9c8741b5593bf6c01ac09033ad848ed92c2510f9a
Red Hat Security Advisory 2021-3181-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include bypass and out of bounds write vulnerabilities.
ebd81c13fdd75aa9a29ef494c70017048d00231cdf540dabb309fbc3d526a9f2
GeoVision Geowebserver versions 5.3.3 and below suffer from code execution, cross site request forgery, cross site scripting, HTML injection, and local file inclusion vulnerabilities.
8ccb4bb1b96f86b0ef24cd5e1b36f037c42c2f00bb5ec9a80fedbe4537f7a7ab
Cyberoam NetGenie with a firmware version of C0101B1-20141120-NG11VO suffers from a cross site scripting vulnerability.
b6adbe8f41373524a978e3ba5da89b3b419d9f81d6e0c67dfc136d61cf1eb0c9
Red Hat Security Advisory 2021-3172-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a buffer overflow vulnerability.
609c017c87e05bf217a92ec96cf8737cd9d418a852c68e6da519e2a08388c375
SonicWall NetExtender version 10.2.0.300 suffers from an unquoted service path vulnerability.
ec168adb408da09adcb5e7862e076b884d3773957bfa67dd254e524ff4dff3ce
Red Hat Security Advisory 2021-3178-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.
daec0a33b20477a01639cbec7dbca8fb73275d91a7620baa7d9df982d7e215cb
Red Hat Security Advisory 2021-3177-01 - The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts.
bc5858fc5f1f5296eb6e29865812ca26f8d9b672609b88740159b349942c8b99
Red Hat Security Advisory 2021-3158-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
4063492f1695def3be89c72005f0d2f5ccedc2f4b581146968dda45efc98d20b
COMMAX CVD-Axx DVR version 5.1.4 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks and used to disclose the RTSP stream.
b803657ac347af637721c0d8d6c1e09ad231eaf41d9ab12e4c4bac45075a5e15
COMMAX Smart Home Ruvie CCTV Bridge DVR Service suffers from unauthenticated configuration writing and denial of service vulnerabilities.
8890c32e87149f67b7a1b84524c7b4a4c6a2e5f6674351a154c33921586bfb06
Red Hat Security Advisory 2021-3160-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.13.0. Issues addressed include a use-after-free vulnerability.
5a14a1b122259377b91878a9f1b8ff478a501c8183fa72c3a5a87fe9da8f6707
Red Hat Security Advisory 2021-3157-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.13.0 ESR. Issues addressed include a use-after-free vulnerability.
232e4ce09501b709a781cbd4ba355c83717c0f7f075774d95b25e65223428750
COMMAX Smart Home Ruvie CCTV Bridge suffers from a credential disclosure vulnerability.
33e9a5c5cc3d38dfc956ed11d44560f9e260a3b7c50d3efbebab8513a5d0476c