Red Hat Security Advisory 2019-2511-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. As usual, Oracle refuses to give details on the vulnerabilities.
5cfb9f6bd94446cd2d6c1fca4f42a064Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability while processing malformed PDF files.
07fbd913c02bfc0914d6b60dc2f267b1Adobe Acrobat Reader DC for Windows suffers from a use-after-free vulnerability due to a malformed JP2 stream.
c356fb26714cf580caa35417489e7bceGentoo Linux Security Advisory 201908-16 - A vulnerability in ProFTPD could result in the arbitrary execution of code. Versions less than 1.3.6-r5 are affected.
4f679a291bc0cfa34a4d5f5f216d8221Red Hat Security Advisory 2019-2507-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.
99277ea2e9859d79894114c865f9ef8fAdobe Acrobat Reader DC for Windows suffers from a heap-based out-of-bounds read vulnerability due to a malformed JP2 stream.
030db208b951bd063ffb31e2218b631bGentoo Linux Security Advisory 201908-15 - A vulnerability in ZNC allows users to escalate privileges. Versions less than 1.7.4_rc1 are affected.
d5fa985bad9cb13ada58dd00d50a6524Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in FixSbitSubTableFormat1.
55a09d6b95da977abd7a21440e6e7191Gentoo Linux Security Advisory 201908-14 - Multiple vulnerabilities have been found in polkit, the worst of which could result in privilege escalation. Versions less than 0.115-r2 are affected.
435b7afe44096e91fa363dda02566836Red Hat Security Advisory 2019-2506-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
d59755f7501ed1f81d292a2af294d06aMicrosoft Font Subsetting DLL suffers from a heap corruption vulnerability in MakeFormat12MergedGlyphList.
b390832ce1914d9f6f8ad1fc7dcc443fMicrosoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in WriteTableFromStructure.
2e11d2396512a610cd0ccb4456e3a79eMicrosoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.
2f1b2c923d897f27f8e2451323181db8Gentoo Linux Security Advisory 201908-13 - Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in the arbitrary execution of code. Versions less than 6.2.5.2 are affected.
92eba3eb4fd5e420de976686e92013d4Gentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.
a8e68267ac356665d3881a395692ae9aGentoo Linux Security Advisory 201908-11 - Multiple vulnerabilities have been found in libarchive, the worst of which could result in the arbitrary execution of code. Versions less than 3.3.3 are affected.
46cd04285e38391384295eabba5a23d7Red Hat Security Advisory 2019-2505-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.
f7e751ed4a1ee3bada58f54deaad8f1cMicrosoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
36563163055857a35415020476647736Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.
fbd259d7ae781727046832e42eec9e65Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.
532a65269acdf02274966684a9217063Gentoo Linux Security Advisory 201908-10 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202:1.8 are affected.
dfd5ee3e64899b150b2cb6e282e7523aRed Hat Security Advisory 2019-2503-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site request forgery vulnerability.
1dae2b9f7474004e5445e2f4a1621e79Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.
bc69c72f441705dbdacafd14b4463351The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
a37215450a080d80e56c0fbafdfbfe55Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.
23b5dd335119cafb3fe2d94dbcd9fb45
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed