
Operating System: Linux

Ubuntu Security Notice USN-4569-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4569-1 - It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled certain input when running CGI scripts. A remote attacker could use this vulnerability to execute arbitrary commands.

tags | advisory, remote, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2020-24379, CVE-2020-24916
MD5 | b57e1fe6c87cc3eebc0b2bd7a99b1ee1

Red Hat Security Advisory 2020-4174-01
Posted Oct 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4174-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2614, CVE-2019-2627, CVE-2019-2628, CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814, CVE-2020-2922
MD5 | 1b1f359a1928681ebd0f4791f9680247

Red Hat Security Advisory 2020-4173-01
Posted Oct 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4173-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24750
MD5 | d2c5c03024d2ec3c0f208032ef828dc5

Red Hat Security Advisory 2020-4172-01
Posted Oct 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4172-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-10713, CVE-2020-14364
MD5 | 7698deb0caf019d910b610e071019288

Red Hat Security Advisory 2020-4167-01
Posted Oct 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4167-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2019-20382, CVE-2020-14364
MD5 | d35c6413c3fecfc3f8c5c97fdc211b36

udisks / Linux Kernel romfs Leakage
Posted Oct 2, 2020
Authored by Jann Horn, Google Security Research

udisks and the Linux kernel have an issue where udisks permits users to mount romfs and romfs leaks uninitialized memory to userspace.

tags | exploit, kernel
systems | linux
MD5 | c048313af977e032061fd3c992081768

Ubuntu Security Notice USN-4563-1
Posted Oct 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4563-1 - It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-8936
MD5 | b9934375d7ec3f0ca1b14ac7a67351c1

Red Hat Security Advisory 2020-4162-01
Posted Oct 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4162-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14364
MD5 | 040605a96d155d9c518e4cf87232ffd4

Red Hat Security Advisory 2020-4163-01
Posted Oct 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4163-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | a9807dcbaba78524fd141dd64d7553c7

Bing.com Hostname / IP Enumerator 1.0.4
Posted Oct 2, 2020
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

Changes: This is a minor release with no code changes.
tags | tool, scanner, bash
systems | linux, unix
MD5 | b337bc57bc4bb3aed8d93453ecc18db2

Red Hat Security Advisory 2020-4158-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4158-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | 827e1a5da8d10f6dbeeb209a33d11857

Red Hat Security Advisory 2020-4155-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4155-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | aacf570a0d7359baef5456ced0459fab

Red Hat Security Advisory 2020-4154-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4154-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.4.5 serves as a replacement for Red Hat AMQ Broker 7.4.4, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5183, CVE-2019-9827
MD5 | 1819629c6979685119003fa4303f3ea5

Ubuntu Security Notice USN-4562-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4562-1 - It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14001
MD5 | ebf1cdf60c7f8611d34ce58ab46f6a1c

Red Hat Security Advisory 2020-3842-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3842-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2183
MD5 | 4ab5857c889c0d682750dcccd6c146bc

Red Hat Security Advisory 2020-4157-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4157-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | fbc368cc259850be2d116bf10aa8ef7a

Red Hat Security Advisory 2020-4156-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4156-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | 2f878bb9f01f845d1d0b90021e38dfe5

Ubuntu Security Notice USN-4561-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4561-1 - It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8161, CVE-2020-8184
MD5 | 1647278df1e467bf98dbfb76e8bf528f

Red Hat Security Advisory 2020-3841-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3841-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include cross site scripting and information leakage vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-17638, CVE-2020-2229, CVE-2020-2230, CVE-2020-2231
MD5 | d751adac6b30eb639b46cc4de551f362

Ubuntu Security Notice USN-4560-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4560-1 - It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-25739
MD5 | 4d11001b45a8a1e03d7bfd7ed8e32e6e

Red Hat Security Advisory 2020-4143-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4143-01 - Red Hat OpenShift Container Storage is a provider of agnostic persistent storage for OpenShift Container Platform either in-house or in a hybrid cloud. As a Red Hat storage solution, OCS is completely integrated with OpenShift Container Platform for deployment, management, and monitoring. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10762, CVE-2020-10763
MD5 | ff11aef6a5e64cb6f260b11b06b7af8a

Ubuntu Security Notice USN-4559-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | f57c43c56dc64d4f2d620467cfd5a8fc

Ubuntu Security Notice USN-4557-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735
MD5 | a8c32c42978a0fc017c17a327e2e5b01

Red Hat Security Advisory 2020-4137-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4137-01 - Fixed an XSS vulnerability. Fixed the Red Hat sosreport tool to no longer include the Ansible Tower SECRET_KEY value. Fixed the Ansible Tower installer so that it is now compatible with the latest supported Red Hat OpenShift Container Platforms 3.x and 4.x. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-14365, CVE-2020-25626
MD5 | 5eb992909ab4fea6d32bb76419946401

Red Hat Security Advisory 2020-4136-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4136-01 - Updated to the latest version of the git-python library to no longer cause certain jobs to fail. Updated to the latest version of the ovirt.ovirt collection to no longer cause connections to hang when syncing inventory from oVirt/RHV. Added a number of optimizations to Ansible Tower's callback receiver to improve the speed of stdout processing for simultaneous playbooks runs. Added an optional setting to disable the auto-creation of organizations and teams on successful SAML login. Fixed an XSS vulnerability. Fixed a slow memory leak in the Daphne process. Fixed Automation Analytics data gathering to no longer fail for customers with large datasets. Fixed scheduled jobs that run every X minute or hour to no longer fail to run at the proper time. Fixed delays in Ansible Tower's task manager when large numbers of simultaneous jobs are scheduled. Fixed the performance for playbooks that store large amounts of data using the set_stats module. Fixed the awx-manage remove_from_queue tool when used with isolated nodes. Fixed an issue that prevented jobs from being properly marked as canceled when Tower is backed up and then restored to another environment. Issues addressed include cross site scripting and memory leak vulnerabilities.

tags | advisory, vulnerability, xss, memory leak, python
systems | linux, redhat
advisories | CVE-2020-14365, CVE-2020-25626
MD5 | 8977804739e07e02ceca0a77e1313fd0
© 2020 Packet Storm. All rights reserved.
