SmarterTools SmarterTrack 7922 suffers from an information disclosure vulnerability.
564c797e38fa833974261ede68689cfae36db29795b123007e157526bbfc8f56
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
d9991de344fa8ed8c92d130837309655dc9e22c4f5e53c141dce6deee5c0505c
Ubuntu Security Notice 5089-2 - USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Various other issues were also addressed.
6699ce47b07d1cd0ee48d5175e525e4af30c8e0ffb9499cf3c8888d15f971087
Ubuntu Security Notice 5089-1 - The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA.
284f407d98d37fcac4344b7bcc6e6a8b44afc901dcb3271fdc32e1afa9c3d129
WordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.
72d286026efcf28235200cd59fbdc8cb4d2ac182d6a16c3fec3eceb85052778d
Pharmacy Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8def95a1849d6f7b78b9b7244b3dd353e34b46912085bda4b229bc64f204de2e
Ubuntu Security Notice 5088-1 - It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. Various other issues were also addressed.
364506777cba9ac853135b7f75877b1504446feea3f08770e812fad58981b8b6
Police Crime Record Management Project version 1.0 suffers from a remote SQL injection vulnerability.
ca2c34013469aa8d5570c71580b9ef5d22bb690f4ab3d85eefa1c617859fb283
Redragon Gaming Mouse suffers from a denial of service vulnerability.
0c154cb7f30e1bd757b91b47d4741e4cbf763361b57a96d500d5562f6d92abc2
WordPress Advanced Order Export For WooCommerce plugin version 3.1.7 suffers from a cross site scripting vulnerability.
f0630e08c1327131f4976c413261bcd8d258b32e58b44360fcbb40d96ecae5a6
Ubuntu Security Notice 5087-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
9cc69084dd08afb757dc1fd685e2412d02f64ee88ec4166bda357cb3cb01effa
WordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
d98f7bece9083eaddb26bd624c829967f736f30e927d68f33fefce05c524fccc
Backdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.
83f2c2540b4e545354939b0ed9b2d43a41e2854821c3ae85e8eb3277dbf64132
Gurock Testrail version 7.2.0.3014 suffers from an improper access control vulnerability.
7bba00b51d41b2b65a23473a45e1f268fd17d33d0a245f0ae9d5ca532c688d3e
Chrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.
cbbb7af067da8a18782b6edada6db9b1b563f5bccf566cd7d4b1fd025dae8f61
Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
5fe7c3d7d05a36ab58f67129d65fc13380433a15c95ce07ca0061984054f5ed2
Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7
Apple Security Advisory 2021-09-20-10 - iTunes 12.12 for Windows addresses code execution vulnerabilities.
08f2003d8951f0c201309a7f8087e5aeef94b339affd03af4ae0b1d73e36ee76
Ubuntu Security Notice 5086-1 - Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d2a74f8984e5fde4745aecedd98ea9dfb3d111cb733f58ed437bf13e0649d113
OpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability.
0c41b4f8b44d8bbbada0f821ae499c79622fe446c1143134a57ed92d2b3a4164
Apple Security Advisory 2021-09-20-9 - iTunes U 3.8.3 addresses a code execution vulnerability.
16919b5b479796f5c99801f855bd2c74a6a87624ed2f59e1b37210dd28c1f873
E-Negosyo System version 1.0 suffers from a remote shell upload vulnerability.
d5ce3db7579101a4d8dc1ae965c1799655b8e02395c4450606eb36f1f430b2f4
E-Negosyo System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
230aba72f8107f8555be48d76537b1f6c27a1b36b213bf98f58c7f7c6b9baf2c
Apple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.
79bf45f74bddb8486f12ed4c29b3e71e76e1ff0dc36d435c9b6adc6c23122cc0
e107 CMS version 2.3.0 authenticated remote shell upload exploit.
503caef30c7aa6c3437f98cfc0ba2025433c35ec41208ba247fce01ab84eb4a3