Red Hat Security Advisory 2021-0094-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.
939f0ea25dc513f06355d81271499037Gentoo Linux Security Advisory 202101-9 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.12 are affected.
252115a5279461dc614c738aefe07245Red Hat Security Advisory 2021-0096-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.
3abb44908ff988765418c3b3b5bdd82cRed Hat Security Advisory 2021-0087-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
01be35ba1b141a5a2c440d3438caf6beRed Hat Security Advisory 2021-0088-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
88e2b40bc909cc7b61bd77be2f566e27Red Hat Security Advisory 2021-0089-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Issues addressed include a use-after-free vulnerability.
3a1087ef77def78114e135cd8601fba8Red Hat Security Advisory 2021-0084-01 - This release of Red Hat build of Quarkus 1.7.6 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.
98feed9e40743a3037ad053ba60978acRed Hat Security Advisory 2021-0083-01 - The rhceph-4.2 image is based on Red Hat Ceph Storage 4.2 and Red Hat Enterprise Linux. Issues addressed include a server-side request forgery vulnerability.
74da0a08cadcdfa9af4155c688dd68e3Ubuntu Security Notice 4689-2 - USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.
5400659ba37710eaa6b249f1d24c9de7Red Hat Security Advisory 2021-0081-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. This package contains a new implementation of the original libtirpc, transport-independent RPC library for NFS-Ganesha. NFS-GANESHA is a NFS Server running in user space. It comes with various back-end modules provided as shared objects to support different file systems and name-spaces.
c068aca7baa10eb0923b7197118e8e69Ubuntu Security Notice 4649-2 - USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
e3181c84ebf88124fc8440988b2185acRed Hat Security Advisory 2021-0073-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
cbf6053ea78851d5ddb84cf8bd312561Whitepaper called A Hands-On Approach To Linux Privilege Escalation. This document is intended to provide multiple techniques that a pentester can use to escalate their privileges and gain access to higher roles.
f6cf10579b31e9f8440e8a43248cd662Ubuntu Security Notice 4689-1 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
981d1a54d362e0eb1a220d6c10591e46Red Hat Security Advisory 2021-0072-01 - Red Hat OpenShift Serverless 1.9.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5. Issues addressed include a denial of service vulnerability.
976e58ad147bf62e96cad81c98b5824cUbuntu Security Notice 4668-4 - USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.
547dc78aa1e891e8e1a6f4156108a0f0Ubuntu Security Notice 4667-2 - USN-4667-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service. Various other issues were also addressed.
b02790b890a4077db710c9e9f926d953jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the pre-built jar release.
819babadb98b56e7367ca5f3df865c4djSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
ff856f45b190724cb5f562e78e919396Ubuntu Security Notice 4688-1 - It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Jasper incorrectly handled certain JPC encoders. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
a965c42895b4f69c78c1d6469bf754dbRed Hat Security Advisory 2021-0057-01 - The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers.
88bba1e2047c80fabcd3b61473f6fc00Gentoo Linux Security Advisory 202101-8 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.1.0 are affected.
10a03ba321505f8f440a2d98f3727dc4Gentoo Linux Security Advisory 202101-7 - Multiple vulnerabilities have been found in NodeJS, the worst of which could result in the arbitrary execution of code. Versions less than 15.5.1 are affected.
8b174981332595ec9347b63b26850dc4Red Hat Security Advisory 2021-0050-01 - This release of Red Hat Quay v3.3.3 includes: Security Update: quay: persistent XSS in repository notification display quay: email notifications authorization bypass. Issues addressed include bypass and cross site scripting vulnerabilities.
e773185f896a2e376e6f5315784e7699Red Hat Security Advisory 2021-0053-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Issues addressed include a use-after-free vulnerability.
d88f179c5c353071de0371dfc532eae9
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed