Ubuntu Security Notice 4316-1 - It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
b09ee9b58c468fb819c495efe5c9e3f1Red Hat Security Advisory 2020-1308-01 - The org.ovirt.engine-root is a core component of oVirt.
042587da184d6137dd1038b7ca8c8384Red Hat Security Advisory 2020-1288-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.
c01a72c249d4407a10f9abc4ef94eaadRed Hat Security Advisory 2020-1290-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include an out of bounds write vulnerability.
9b71948ccc9d2438d0358d337bd26205AIDA64 Engineer version 6.20.5300 Report File filename SEH buffer overflow exploit.
6590017886deb392714463804d9171f6This whitepaper documents a walk through that describes the steps taken to identify a remote code execution vulnerability in multiOTP version 5.0.4.4.
168865d3c5de4d20e8f3595f40cf8679MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross site scripting, server-side request forgery, and information disclosure vulnerabilities.
d7196c7b2e9d5315f3c161ae1a25fb32Red Hat Security Advisory 2020-1289-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.
6af1cef485ffd6aca39a701c8728a87dRed Hat Security Advisory 2020-1300-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
8dc55c2d6faa0fc31c0edb3e93b6c95bRed Hat Security Advisory 2020-1296-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
ec4aeaf9c9e35d0d2cc97de33e3cb51eRed Hat Security Advisory 2020-1293-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an integer overflow vulnerability.
ea7ba5e537e45188a364385f0a56a75bRed Hat Security Advisory 2020-1292-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
2ef9697b9e958a71ec23a22422aeb40dUbuntu Security Notice 4315-1 - Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions. This could allow a local attacker to read arbitrary files via a symlink attack.
d0b37915b1226aaca515786d4db120d2Gentoo Linux Security Advisory 202004-5 - Multiple vulnerabilities have been found in ledger, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.2 are affected.
ca4c18a1a73228a23af8f0b3a5b728a1Gentoo Linux Security Advisory 202004-4 - A heap use-after-free flaw in Qt WebEngine at worst might allow an attacker to execute arbitrary code. Versions less than 5.14.1 are affected.
bf8de27aa38eea25ae69dd1868cfb1dfGentoo Linux Security Advisory 202004-3 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code. Versions prior to 9.28_rc4 are affected.
3cac5de817c100df5846b9306968a7feGentoo Linux Security Advisory 202004-2 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.2 are affected.
9d7bb2b48ad3d58d7dc2d1e0c7f6716bGentoo Linux Security Advisory 202004-1 - A vulnerability in HAProxy might lead to remote execution of arbitrary code. Versions less than 2.0.10 are affected.
2ebf09ab662c1ce1596e373ee8e450e0Red Hat Security Advisory 2020-0933-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a memory exhaustion vulnerability.
b596dd525b9acf463c14a14ed9a74448Red Hat Security Advisory 2020-0934-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
3bea6ee3860a73a053784ff69a5bf970Oracle Coherence Fusion Middleware remote code execution exploit. Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0.
e7fcfe822049cc5b752a861af6c577e3DiskBoss version 7.7.14 Input Directory local buffer overflow proof of concept exploit.
280ca23c683e21e173459ffb00e79c6eThis archive contains all of the 150 exploits added to Packet Storm in March, 2020.
4a24dc33e2ed6b2bddc049bef69a01b510Strike LANState version 9.32 on x86 Host Check hostname SEH buffer overflow exploit.
7f1eb06b56c5aa79bd94057284b6f222Deskpro on-premise helpdesk solution versions prior to 2019.8.0 were found to be prone to multiple high severity vulnerabilities that enable a remote attacker to escalate their privilege to helpdesk administrator. Moreover, it was prone to remote code execution leading to full compromise of the server.
20422c8be62975683577d09bb28c3d16
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed