Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service.
cdd7570b2e91691826b3eb59b9ef014eRed Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
dc2172f4d7fbeed30437d6079fd174cbApple Security Advisory 2021-09-20-10 - iTunes 12.12 for Windows addresses code execution vulnerabilities.
3e98754bf5c98c2816704d7db807c3a3Ubuntu Security Notice 5086-1 - Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
ecf3347eeda58d898c2b153f742b6863Apple Security Advisory 2021-09-20-9 - iTunes U 3.8.3 addresses a code execution vulnerability.
b21fc0fab347da30ebec7c87958382e7Apple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.
2687d56c42a8927b7635267a708d17b5Ubuntu Security Notice 5073-3 - Norbert Slusarek discovered that the CAN broadcast manger protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
b06e0101b204e8bf810c841ded1e0f03Apple Security Advisory 2021-09-20-7 - macOS Big Sur 11.6 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.
13241e7baa233f6d334b704ccc309bb8Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
5a6e1556beb320c7b2cdb60339017ecfApple Security Advisory 2021-09-20-6 - iOS 14.8 and iPadOS 14.8 addresses code execution, denial of service, integer overflow, and use-after-free vulnerabilities.
d0b20d27dd698353f67f5b99c5b4f169Apple Security Advisory 2021-09-20-5 - Safari 15 addresses code execution vulnerabilities.
93a4864c5af01735024cc4bbeec0c113Apple Security Advisory 2021-09-20-4 - Xcode 13 addresses multiple issues in nginx.
45cca84a11f977f57c8014db9467753cUbuntu Security Notice 5071-3 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.
7a105c299a0a482499d18e4fcd180d3bApple Security Advisory 2021-09-20-3 - tvOS 15 addresses code execution and denial of service vulnerabilities.
2a65ee90cb42883cbdc49f1886eee02cApple Security Advisory 2021-09-20-2 - watchOS 8 addresses code execution and denial of service vulnerabilities.
6f1bb09438fb5fb13abc7dae30e84382Apple Security Advisory 2021-09-20-1 - iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, and spoofing vulnerabilities.
ac454972f8217c02f4766e3f06ec4ae6Ubuntu Security Notice 5079-4 - USN-5079-2 fixed vulnerabilities in curl. One of the fixes introduced a regression. This update fixes the problem. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Various other issues were also addressed.
1f1499ce64825094c67e05b575440d0bRed Hat Security Advisory 2021-3623-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.
aef2718168d0043471efaffb0a7aa8baUbuntu Security Notice 5084-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
874e9bb23ea0fca4f528b0d7be4db54fRed Hat Security Advisory 2021-3572-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include a denial of service vulnerability.
54985960b3eb4e25f27c32cd68ccfbc5Red Hat Security Advisory 2021-3598-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
808e80d3a87efc6104e88e2d2359ade3Red Hat Security Advisory 2021-3582-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
61703b5a679bba6648c69ab75f2e5eedUbuntu Security Notice 5079-3 - USN-5079-1 fixed vulnerabilities in curl. One of the fixes introduced a regression on Ubuntu 18.04 LTS. This update fixes the problem. It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.
d613fd1d8b4c7978549014ab03c1cdd7Red Hat Security Advisory 2021-3590-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Issues addressed include a denial of service vulnerability.
36671b76085f87c1af15fea93ccc786cRed Hat Security Advisory 2021-3585-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
8567e91c76aadbd3e47ce719d3180bf7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed