what you don't know can hurt you
Showing 51 - 75 of 39,200 RSS Feed

Operating System: Linux

Red Hat Security Advisory 2021-0052-01
Posted Jan 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0052-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-16044
MD5 | 071b67eb4506ed1381363171e2425db8
Gentoo Linux Security Advisory 202101-01
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-1 - Multiple vulnerabilities have been found in Dovecot, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 2.3.13 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-24386, CVE-2020-25275
MD5 | 3a89fff6479017300d6ec9a323c8b69e
Ubuntu Security Notice USN-4687-1
Posted Jan 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4687-1 - A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16044
MD5 | 8b8168d3ee3d2c80f6d055fe05c6c894
Ubuntu Security Notice USN-4684-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14562, CVE-2019-14584
MD5 | 1751a770e1cc64cf0203b6e4506c808e
Ubuntu Security Notice USN-4685-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15389, CVE-2020-27841
MD5 | 441106d86f85ccadec1d3c14e6567734
Ubuntu Security Notice USN-4686-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5727, CVE-2020-27842, CVE-2020-8112
MD5 | 4cd68750ef2abd5f6b9640ef33177e4f
Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
MD5 | b3bdc25df3f101e501f013f1465ac1d3
Ubuntu Security Notice USN-4683-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-28974
MD5 | 7fbd2df16ee169fac1041dc6ef729402
Ubuntu Security Notice USN-4677-2
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4677-2 - USN-4677-1 fixed a vulnerability in p11-kit. This update provides the corresponding update for Ubuntu 14.04 ESM. David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-29361
MD5 | f0cd253812e585b78a6df0d24f050a4c
Ubuntu Security Notice USN-4682-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4682-1 - It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-35738
MD5 | 071a6f4ed83c58b35aaeadaa4f78066a
Ubuntu Security Notice USN-4681-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4681-1 - Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver in the Linux kernel did not properly deallocate memory in some conditions. A local attacker could use this to cause a denial of service. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-0148, CVE-2020-25656, CVE-2020-25668, CVE-2020-27675, CVE-2020-28974, CVE-2020-4788
MD5 | 91670808904d9a205af1af1baa6a1ec2
Red Hat Security Advisory 2021-0028-01
Posted Jan 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0028-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8011
MD5 | 0f1582cc1394bfa1362cd67f38867105
Ubuntu Security Notice USN-4680-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4680-1 - It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19770, CVE-2020-0423, CVE-2020-10135, CVE-2020-25656, CVE-2020-25668, CVE-2020-25705, CVE-2020-27675, CVE-2020-27777, CVE-2020-28974
MD5 | d9396f87744b985c8e687f3925ea532c
Ubuntu Security Notice USN-4679-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4679-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25656, CVE-2020-25668, CVE-2020-25704, CVE-2020-27675, CVE-2020-27777, CVE-2020-28974
MD5 | 1ace1ae8d4759419772bc1a1bdf880c4
Ubuntu Security Notice USN-4678-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4678-1 - It was discovered that the AMD Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12912, CVE-2020-29534
MD5 | b3036de92a3edb42e7057a8095180d7c
Ubuntu Security Notice USN-4677-1
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4677-1 - David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-29361
MD5 | 21b501626a34f8159219ffcf33d54c15
Ubuntu Security Notice USN-4676-1
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4676-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16587
MD5 | 590de48f77cba77bf4361c2d44509710
Red Hat Security Advisory 2021-0024-01
Posted Jan 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0024-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-29599
MD5 | 3eba5f23856ee624e7360b5f79fd5764
Ubuntu Security Notice USN-4675-1
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4675-1 - Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-29565
MD5 | cedbcdb29a863a00ae74cabeb5d33243
Red Hat Security Advisory 2021-0019-01
Posted Jan 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0019-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20836, CVE-2019-15917, CVE-2019-20636
MD5 | 936db7e77ce10f20206d35312906b1c5
Ubuntu Security Notice USN-4674-2
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-2 - USN-4674-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-25275
MD5 | 8b21140b2f6a9fb4daa95236efc08304
Ubuntu Security Notice USN-4668-3
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability, python
systems | linux, ubuntu
MD5 | a029e69b2f2fd6b5ff7a56f554dcb47f
Ubuntu Security Notice USN-4674-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, imap
systems | linux, ubuntu
advisories | CVE-2020-24386, CVE-2020-25275
MD5 | b2e560c9e62cc73f933684b14231318a
Haveged 1.9.14
Posted Jan 4, 2021
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: New command added to havegecmd.c. Made enttest configurable.
tags | tool
systems | linux, unix
MD5 | f756474201bec9a46b41e8712f79468a
Ubuntu Security Notice USN-4673-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4673-1 - Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-26154
MD5 | 37308d157792044dbd547beba780fbd7
Page 3 of 1,568
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close