Chrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.
cbbb7af067da8a18782b6edada6db9b1b563f5bccf566cd7d4b1fd025dae8f61Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service.
5fe7c3d7d05a36ab58f67129d65fc13380433a15c95ce07ca0061984054f5ed2Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7Apple Security Advisory 2021-09-20-10 - iTunes 12.12 for Windows addresses code execution vulnerabilities.
08f2003d8951f0c201309a7f8087e5aeef94b339affd03af4ae0b1d73e36ee76Ubuntu Security Notice 5086-1 - Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d2a74f8984e5fde4745aecedd98ea9dfb3d111cb733f58ed437bf13e0649d113OpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability.
0c41b4f8b44d8bbbada0f821ae499c79622fe446c1143134a57ed92d2b3a4164Apple Security Advisory 2021-09-20-9 - iTunes U 3.8.3 addresses a code execution vulnerability.
16919b5b479796f5c99801f855bd2c74a6a87624ed2f59e1b37210dd28c1f873E-Negosyo System version 1.0 suffers from a remote shell upload vulnerability.
d5ce3db7579101a4d8dc1ae965c1799655b8e02395c4450606eb36f1f430b2f4E-Negosyo System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
230aba72f8107f8555be48d76537b1f6c27a1b36b213bf98f58c7f7c6b9baf2cApple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.
79bf45f74bddb8486f12ed4c29b3e71e76e1ff0dc36d435c9b6adc6c23122cc0e107 CMS version 2.3.0 authenticated remote shell upload exploit.
503caef30c7aa6c3437f98cfc0ba2025433c35ec41208ba247fce01ab84eb4a3Ubuntu Security Notice 5073-3 - Norbert Slusarek discovered that the CAN broadcast manger protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
54229c6485d89ba4f6823e5d92635e12f16c9f00cf3975395a04c4e81124b2ebApple Security Advisory 2021-09-20-7 - macOS Big Sur 11.6 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.
1b7116003ae9324faabf7c874f2002ab9bb8a2edd95f965df9b3b9f451f0674aOnline Reviewer System version 1.0 suffers from a remote shell upload vulnerability.
f68db9af4a81fb00f2eef1c949bb21162e2bcf69ab3a9ba40a5634c740dba9b3Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
9af482c5f609c49bcc196fd310a95efd28a894a47260f53bda01540c21a0be32South Gate Inn Online Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
1575339e7ea6afdc09eda6a25883cf1a167e54ab2a1a1104042a8f13bb94d1d2Apple Security Advisory 2021-09-20-6 - iOS 14.8 and iPadOS 14.8 addresses code execution, denial of service, integer overflow, and use-after-free vulnerabilities.
b4bb452003d59697e054354295ed98806d13ed94329af6f68cfea0ee37b1afc6Apple Security Advisory 2021-09-20-5 - Safari 15 addresses code execution vulnerabilities.
8d88ba7ec5a645c4077e2665c419ac11e3b551ad317cefddb6b9e17450344a3eApple Security Advisory 2021-09-20-4 - Xcode 13 addresses multiple issues in nginx.
e298f65735c01199cc9782cb84a35d40ade27a44f1619154f005170a70f23d97Sentry version 8.2.0 suffers from a remote code execution vulnerability.
249a158d8d8fa5fc36aa401e15b178e9c7c839ad3d347fa1790f3273f16a0db9Filerun version 2021.03.26 authenticated remote code execution exploit.
068ea600088deb054970019b6097e4c59130001835d75ca069250373c45602cdUbuntu Security Notice 5071-3 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
63399d9c49059cdc5bb64c4bf9375adf331d0157df9b1c540a9a4d22a0397474Apple Security Advisory 2021-09-20-3 - tvOS 15 addresses code execution and denial of service vulnerabilities.
f99e4a59e3162074fd25d9c0203298f65b269e400c4ac2bfea4838990ff4d02dTotalAV version 5.15.69 suffers from an unquoted service path vulnerability.
b4067cdc2ae6c288bb17fdcb1944098805ac09b753348b941b1e2a016ca7d586Apple Security Advisory 2021-09-20-2 - watchOS 8 addresses code execution and denial of service vulnerabilities.
81cbe9c33ec00646f35a9f6941b76f9f5953d8ccc7315479e363acd9ec1d7b45
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed