Ubuntu Security Notice 4923-1 - Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
5b1e08d38f0dfa3b2d307d7650efc1adThis Metasploit module exploits an OS command injection vulnerability in includes/components/nxti/index.php that enables an authenticated user with admin privileges to achieve remote code execution as the apache user. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios XI 5.7.3 running on CentOS 7.
2df6940f1d406eb594bb234456e3e6f5Red Hat Security Advisory 2021-1297-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
46cddb0b9b7fd0166e21f4f90930e50fUbuntu Security Notice 4922-1 - Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.
b1cdfd7ce654f38195dd8a4b7ac1e028Red Hat Security Advisory 2021-1298-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
0b371cd2109856ff8d5665f5a3a37f31Red Hat Security Advisory 2021-1307-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
08039b63369b6d5f5d219937f818f7dcRed Hat Security Advisory 2021-1306-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
f1b92a5f5e9433b28f07b4b4325eebf6Red Hat Security Advisory 2021-1150-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
ed12295b509fdd6741ca638a44466454Red Hat Security Advisory 2021-1299-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
389a7b86bc01ae4ddb99542b13af23c4Red Hat Security Advisory 2021-1305-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
5c48a3f2f2c7890f11d3a0027b4c8354Ubuntu Security Notice 4921-1 - It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code.
e6c215d4c25161ac28a700abbf5b3728Red Hat Security Advisory 2021-1301-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
f878d8777def1517a23f780a08c35f44Red Hat Security Advisory 2021-1295-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
5689d716efb7e1028211b4aae7416a96Red Hat Security Advisory 2021-1289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
0fdeefa2ddf9eeb1621da28b8405174dUbuntu Security Notice 4563-2 - USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service. Various other issues were also addressed.
28a575fb29d4294f72a77c91e221dd6fRed Hat Security Advisory 2021-1288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.
6602dc03aef32e6967a9fac4041d5606Ubuntu Security Notice 4918-2 - USN-4918-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
a978daa8988afdecf7791da9b48c7983Ubuntu Security Notice 4919-1 - It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code.
6cde121f166a0d2bbd0b1b9884e39325Red Hat Security Advisory 2021-1272-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
d8727197ed9740775d56d47e2d2234afRed Hat Security Advisory 2021-1279-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
30b51a879589e5daec1e7b2575333cfbRed Hat Security Advisory 2021-1266-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
f97b03a9545f11491b1cf08b54df658cUbuntu Security Notice 4918-1 - It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
1e4f0c2b0a5872c48cf1db74e5f7a2b7Red Hat Security Advisory 2021-1267-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
75a91f52f2f9f4b14e2b4601ae5a0948Red Hat Security Advisory 2021-1260-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.7.0 serves as a replacement for Red Hat AMQ Streams 1.6.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an XML injection vulnerability.
8208717753b6b6b9cac774e305322eefRed Hat Security Advisory 2021-1263-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.
8ce46493ecbfd90ea03f33fefa70eaea
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed