Ubuntu Security Notice 5629-1 - It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic.
8ed17abf4d4b43b1e2bb7cde1858817522b51ed63ec4e2aa8a769c70b7853ef1
Ubuntu Security Notice 5631-1 - It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that libjpeg-turbo incorrectly handled certain malformed jpeg files. An attacker could possibly use this issue to cause libjpeg-turbo to crash, resulting in a denial of service.
1c5e9f66c33802aff0761c128dc62d1964aa449af0264e73bb69f61d3abed1d5
WordPress 3dady Real-Time Web Stats plugin version 1.0 suffers from a persistent cross site scripting vulnerability.
9bc44384be766635f2fbfc237ec0aeb19285a6e3efb8c861d02d2212924dd3fe
WordPress WP-UserOnline plugin version 2.88.0 suffers from a persistent cross site scripting vulnerability.
2d27257ac7ea666ea0f91e21e2cf2524b25f6b5630c8e00106161db5acf1445b
Ubuntu Security Notice 5632-1 - Sebastian Chnelik discovered that OAuthLib incorrectly handled certain redirect uris. A remote attacker could possibly use this issue to cause OAuthLib to crash, resulting in a denial of service.
6f7b863b27652aa9705029e163b1edc76bb8e28ed46da9dae3fa8141b190d3d9
Teleport version 10.1.1 suffers from a remote code execution vulnerability.
c6d52b424ef6fecae4f1b523bd776835ab95ce19413a32ddacde1e3e5c128f9e
Feehi CMS version 2.1.1 suffers from an authenticated remote code execution vulnerability.
983f5ef29aec5a308538a5a0f342863532963a034a2146d2f5d3fe9bcb54fe54
Ubuntu Security Notice 5634-1 - Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
f8b1a7ed35a19079cc1dd5e26022f3651c361b93150ae1cc012219e3818ac9ae
Testa Online Test Management System version 3.5.1 suffers from a cross site scripting vulnerability.
e9867bdeeba70c36ee85639c18dbb98c4422fde1467af31cc0a26c7ec8e89a09
Ubuntu Security Notice 5633-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
8351862c78cded631737902c0b3547d5bb307ab0a6be5cec52f04529fb8c7581
TP-Link Tapo c200 version 1.1.15 suffers from a remote code execution vulnerability.
8e68cc2b8496ad99d86b7b36d04b8055a2811ee41b6746feca8d8f15c304f133
Ubuntu Security Notice 5630-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
c7c0c0227fda6e6bf4499a2c48b667c084b37cc6c2d87ab84b3410ec00d70af1