exploit the possibilities
Showing 51 - 75 of 6,920 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4539-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4539-1 - Andrew Bartlett discovered that DAViCal Andrew's Web Libraries did not properly manage session keys. An attacker could possibly use this issue to impersonate a session.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2020-11728
MD5 | 44eaff60e3935fcf8a263b260377821b
Ubuntu Security Notice USN-4536-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4536-1 - Youssouf Boulouiz discovered that SPIP incorrectly handled login error messages. A remote attacker could potentially exploit this to conduct cross-site scripting attacks. Gilles Vincent discovered that SPIP incorrectly handled password reset requests. A remote attacker could possibly use this issue to cause SPIP to enumerate registered users. Guillaume Fahrner discovered that SPIP did not properly sanitize input. A remote authenticated attacker could possibly use this issue to execute arbitrary code on the host server. Various other issues were also addressed.

tags | advisory, remote, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-15736, CVE-2019-11071, CVE-2019-16391, CVE-2019-16392, CVE-2019-16393, CVE-2019-16394, CVE-2019-19830
MD5 | 26358c71d5c54c232b20eb20dc1c6bc3
Ubuntu Security Notice USN-4538-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4538-1 - Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-16121, CVE-2020-16122
MD5 | 9ab387948f7d20a426a21b86db0d000e
Ubuntu Security Notice USN-4537-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4537-1 - Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-15703
MD5 | 79d913f2fe0fa46f1fd8a7e378f21f45
Ubuntu Security Notice USN-4535-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4535-1 - Gabriel Corona discovered that RDFLib did not properly load modules on the command-line. An attacker could possibly use this issue to cause RDFLib to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7653
MD5 | d7118c8df0a69ff1a86eb57717176ba9
Ubuntu Security Notice USN-4534-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4534-1 - It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information.

tags | advisory, perl
systems | linux, ubuntu
advisories | CVE-2019-20919
MD5 | 81da7816a7bd783ef177b9e1666a82d6
Ubuntu Security Notice USN-4533-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4533-1 - Veeti Veteläinen discovered that the LTSP Display Manager incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges.

tags | advisory, shell, local, root
systems | linux, ubuntu
advisories | CVE-2019-20373
MD5 | f737de063aa0c72d9f092dd14307d74a
Ubuntu Security Notice USN-4532-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4532-1 - It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header that lacks a colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445
MD5 | 5ae25a0d5a546f3db8eb194eab1e23cf
Ubuntu Security Notice USN-4530-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4530-1 - Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation.

tags | advisory, local, root
systems | linux, debian, ubuntu
advisories | CVE-2019-3467
MD5 | 1ed5ed1abd998bda2cba606ced76cd87
Ubuntu Security Notice USN-4531-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4531-1 - It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-1000500
MD5 | 35998d78e3effc0e981fd1066145d355
Ubuntu Security Notice USN-4529-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4529-1 - It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2019-12211, CVE-2019-12213
MD5 | e4d795e868523f46e11bced7d75ce497
Ubuntu Security Notice USN-4528-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4528-1 - Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10753, CVE-2020-12059, CVE-2020-1760
MD5 | fab54bac4dc3199926f75767984dd1fa
Ubuntu Security Notice USN-4526-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4526-1 - It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-18808, CVE-2019-19054, CVE-2019-19061, CVE-2019-19067, CVE-2019-19073, CVE-2019-9445, CVE-2020-12888, CVE-2020-14356, CVE-2020-16166
MD5 | 0555d89a453511c4928b0f3f4d89925f
Ubuntu Security Notice USN-4527-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4527-1 - It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19054, CVE-2019-20811, CVE-2019-9445, CVE-2019-9453, CVE-2020-0067, CVE-2020-25212
MD5 | b8cfb269928149f8575ac32ec308fbc1
Ubuntu Security Notice USN-4525-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4525-1 - It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-18808, CVE-2019-19054, CVE-2020-12888, CVE-2020-16166, CVE-2020-25212
MD5 | a17d985165108ab74ad154daf6c8f23f
Ubuntu Security Notice USN-4524-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4524-1 - Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18849
MD5 | a78e8f2a7370ccd4de7083c10e0fac3f
Ubuntu Security Notice USN-4523-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4523-1 - It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9656
MD5 | a23b7d22d1b3ff45fcb73f73dbb1c7ba
Ubuntu Security Notice USN-4522-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4522-1 - It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting attacks.

tags | advisory, remote, web, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-18635
MD5 | 59a7e5a0c092d88cf983a64841479d13
Ubuntu Security Notice USN-4521-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4521-1 - It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13881
MD5 | dda028d0b9bc6515369ca27ea7ce1c42
Ubuntu Security Notice USN-4520-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4520-1 - It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19920
MD5 | bcae77b44bb6e85060eafc7da7bd23c7
Ubuntu Security Notice USN-4519-1
Posted Sep 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4519-1 - Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15710
MD5 | 3867733a00e40200e172ae435c7a3215
Ubuntu Security Notice USN-4517-1
Posted Sep 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4517-1 - It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18898
MD5 | d9bf4f7b847a8dd904e675f42d425349
Ubuntu Security Notice USN-4518-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4518-1 - Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-13696
MD5 | a56bcdc9f4abb93b414422cbad061641
Ubuntu Security Notice USN-4516-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4516-1 - It was discovered that GnuPG signatures could be forged when the SHA-1 algorithm is being used. This update removes validating signatures based on SHA-1 that were generated after 2019-01-19. In environments where this is still required, a new option --allow-weak-key-signatures can be used to revert this behaviour.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-14855
MD5 | dba0cdaf8360696a6ce7753aa16fdc8f
Ubuntu Security Notice USN-4515-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4515-1 - Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-9274
MD5 | b3a39e37e465b6b3b492ba5799f1cc8c
Page 3 of 277
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close