exploit the possibilities
Showing 1 - 25 of 6,938 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4602-1
Posted Oct 26, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4602-1 - ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | 12de9bee88d387efd047ec5aa10983a5
Ubuntu Security Notice USN-4593-2
Posted Oct 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4593-2 - USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15999
MD5 | 94eb2ba1d11c5585ee7407cddda2c700
Ubuntu Security Notice USN-4552-2
Posted Oct 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-2 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
MD5 | 8e2cfd8ac01a04276fbc8e5bfac08a5e
Ubuntu Security Notice USN-4599-1
Posted Oct 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4599-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2020-15254, CVE-2020-15683
MD5 | 13d08b646ab278ff8d67e510be02ed8d
Ubuntu Security Notice USN-4601-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4601-1 - It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2019-20916
MD5 | bc4ff49ae92b05e0317b150277586672
Ubuntu Security Notice USN-4600-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4600-1 - It was discovered that Netty had HTTP request smuggling vulnerabilities. A remote attacker could used it to extract sensitive information.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445
MD5 | fe9692750d4cd79cb0487d583921ce2b
Ubuntu Security Notice USN-4598-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4598-1 - It was discovered that LibEtPan incorrectly handled STARTTLS when using IMAP, SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack.

tags | advisory, remote, imap
systems | linux, ubuntu
advisories | CVE-2020-15953
MD5 | 5c40bcc0c86629743bfb32379ae1299b
Ubuntu Security Notice USN-4597-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4597-1 - Fran

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-6807, CVE-2019-3877, CVE-2019-3878
MD5 | 786c207490434b860d22d94341723548
Ubuntu Security Notice USN-4588-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4588-1 - It was discovered that FlightGear could write arbitrary files if received a special nasal script. A remote attacker could exploit this with a crafted file to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9956
MD5 | c93c71e5707584e309f32196cbb377ea
Ubuntu Security Notice USN-4586-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4586-1 - It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service.

tags | advisory, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-11037
MD5 | f6fae5027be9e5b089b950f64fd8d5ab
Ubuntu Security Notice USN-4587-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4587-1 - Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. Josef Gajdusek discovered that iTALC had heap-based buffer overflow vulnerabilities. A remote attacker could used these issues to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-6051, CVE-2014-6055, CVE-2018-20019, CVE-2018-20020, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20750, CVE-2019-15681
MD5 | a0940d2ea11a0ed386f0828fbb1f40c5
Ubuntu Security Notice USN-4596-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4596-1 - It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-9484
MD5 | 9c7bf230e29a045c5b7a3d87aa96b325
Ubuntu Security Notice USN-4595-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-7729
MD5 | e1ac33c4930fe12fca5c85c0a9fb888a
Ubuntu Security Notice USN-4594-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4594-1 - It was discovered that Quassel incorrectly handled Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Quassel incorrectly handled certain login requests. A remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2018-1000178, CVE-2018-1000179
MD5 | 09feead29d4e43821693a19b2ad24bef
Ubuntu Security Notice USN-4593-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4593-1 - Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15999
MD5 | e2d87527b97b4f6bcee00e01fde7e52a
Ubuntu Security Notice USN-4592-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
MD5 | ea8ffa29056c97fd916af3807500cfd8
Ubuntu Security Notice USN-4591-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 5d0eee3a0d51a48fdc43a1f3e9d24038
Ubuntu Security Notice USN-4590-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4590-1 - It was discovered that Collabtive did not properly validate avatar image file uploads. An authenticated user could exploit this with a crafted file to cause Collabtive to execute arbitrary code.

tags | advisory, arbitrary, file upload
systems | linux, ubuntu
advisories | CVE-2015-0258
MD5 | 179fd7eba43ef7a3691ef8f62753e5e7
Ubuntu Security Notice USN-4546-2
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4546-2 - USN-4546-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability, xss
systems | linux, ubuntu
MD5 | fb28fc67ccf3d5335d2f50642f5cdb2f
Ubuntu Security Notice USN-4584-1
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4584-1 - It was discovered that HtmlUnit incorrectly initialized Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code.

tags | advisory, java, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-5529
MD5 | b7189a4381921c21c27a3059b8f5a87f
Ubuntu Security Notice USN-4585-1
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4585-1 - It was discovered that Newsbeuter didn't handle the command line input properly. An remote attacker could use it to ran remote code by crafting a special input file. It was discovered that Newsbeuter didn't handle metacharacters in its filename properly. An remote attacker could use it to ran remote code by crafting a special filename.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-12904, CVE-2017-14500
MD5 | 328a24e2a98284b91341a4629d487991
Ubuntu Security Notice USN-4589-2
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4589-2 - USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io. It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials. Various other issues were also addressed.

tags | advisory, remote, registry
systems | linux, ubuntu
advisories | CVE-2020-15157
MD5 | 0ff1cab3c8d8dd33e88294428bb3c3f2
Ubuntu Security Notice USN-4589-1
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4589-1 - It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials.

tags | advisory, remote, registry
systems | linux, ubuntu
advisories | CVE-2020-15157
MD5 | 6b7595a2ebb73feb35765b548371311f
Ubuntu Security Notice USN-4583-1
Posted Oct 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4583-1 - It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge cookie which is supposed to be secure. Various other issues were also addressed.

tags | advisory, web, php
systems | linux, ubuntu
advisories | CVE-2020-7069, CVE-2020-7070
MD5 | 12cf9b32480b82e7ad683d2a4b2e6274
Ubuntu Security Notice USN-4582-1
Posted Oct 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4582-1 - It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. Various other issues were also addressed.

tags | advisory, arbitrary, shell, local
systems | linux, ubuntu
advisories | CVE-2017-17087, CVE-2019-20807
MD5 | e6159e2f38d8be01d2ed2841a3b41473
Page 1 of 278
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close