what you don't know can hurt you
Showing 1 - 25 of 76,054 RSS Feed

Advisory Files

Ubuntu Security Notice USN-5123-2
Posted Oct 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5123-2 - USN-5123-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-35604
MD5 | ce885e5e20ab62b753aee2d34575ac7b
Ubuntu Security Notice USN-5123-1
Posted Oct 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5123-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2478, CVE-2021-35575, CVE-2021-35596, CVE-2021-35607, CVE-2021-35613, CVE-2021-35625, CVE-2021-35630, CVE-2021-35634, CVE-2021-35638, CVE-2021-35642, CVE-2021-35646
MD5 | 38403195407e988ed689e75cd407e5fc
Red Hat Security Advisory 2021-3971-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3971-01 - Redis is an advanced key-value store. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32675, CVE-2021-32687, CVE-2021-41099
MD5 | 159e875052b0b8f5e9f96264236b69dc
Red Hat Security Advisory 2021-3967-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3967-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603
MD5 | d3306d643631adb4dc725d32fb29d27b
Red Hat Security Advisory 2021-3968-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3968-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603
MD5 | 5a90ecef2490e619a8626daf3ba0c8a2
Ubuntu Security Notice USN-5122-1
Posted Oct 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5122-1 - It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
MD5 | 75a32fd05ba1698de40bd98dcc2705d9
Red Hat Security Advisory 2021-3961-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3961-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603
MD5 | d0a04516116bf2f424a50eff41b21b3e
Red Hat Security Advisory 2021-3960-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3960-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603
MD5 | 6b112b48428529ba318a578536138ab0
Red Hat Security Advisory 2021-3956-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3956-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-39139, CVE-2021-39140, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39150, CVE-2021-39151, CVE-2021-39152, CVE-2021-39153, CVE-2021-39154
MD5 | 94de4c9cd14398aa255f6c1fa4c5e6e6
Red Hat Security Advisory 2021-3955-01
Posted Oct 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3955-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration. This release provides a number of security fixes, bug fixes and enhancements. For detailed information on changes in this release, see the Red Hat Directory Server 11 Release Notes linked from the References section.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-3652
MD5 | d0fa325631a3d5e688798bee9b8d6f45
Ubuntu Security Notice USN-5121-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-1 - Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman's cross-site request forgery tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. Various other issues were also addressed.

tags | advisory, remote, csrf
systems | linux, ubuntu
advisories | CVE-2021-42096, CVE-2021-42097
MD5 | e580a4cebc05a472a168210820d5451c
SAP Enterprise Portal Sensitive Data Disclosure
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal suffers from an sensitive information disclosure vulnerability in the com.sapportals.navigation.testComponent.NavigationRequestSniffer servlet.

tags | advisory, info disclosure
advisories | CVE-2021-33687
MD5 | 61f49ec4e078bf89a71c995b274bd403
SAP NetWeaver ABAP IGS Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP IGS service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27620, CVE-2021-27622, CVE-2021-27624, CVE-2021-27625, CVE-2021-27626, CVE-2021-27627
MD5 | a1faa76c73eb95977c279bc7a00beab0
SAP NetWeaver ABAP Gateway Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP Gateway service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27597, CVE-2021-27633, CVE-2021-27634
MD5 | 61146f452932ba3f9a85618de0e61ace
SAP NetWeaver ABAP Enqueue Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Enqueue service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27606, CVE-2021-27629, CVE-2021-27630, CVE-2021-27631, CVE-2021-27632
MD5 | 912e8b6998f6a856fc386f297ba25cdb
Ubuntu Security Notice USN-5116-2
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5116-2 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-3732, CVE-2021-38198, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008
MD5 | 5a6d994360d223898c2986ae7be189fd
SAP JAVA NetWeaver System Connections XML Injection
Posted Oct 22, 2021
Authored by Pablo Artuso | Site onapsis.com

The Communication Profiles functionality provided within SAP JAVA NetWeaver suffers from an XML external entity injection vulnerability.

tags | advisory, java
advisories | CVE-2021-27635
MD5 | 27e395a685ff18d621dda902145023a6
SAP NetWeaver ABAP Dispatcher Service Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Dispatcher service suffers from memory corruption vulnerabilities. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash and rendering it unavailable.

tags | advisory, vulnerability
advisories | CVE-2021-27607, CVE-2021-27628
MD5 | 193e1f65a754d8cc0b6e9c8b052b998f
Ubuntu Security Notice USN-5120-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5120-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-26541, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3759, CVE-2021-38199, CVE-2021-38207, CVE-2021-40490
MD5 | 2b0bea3094eab3e20f9e8cd33f9618c3
Ubuntu Security Notice USN-5119-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5119-1 - It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-30498
MD5 | 63a2abff1bbc961ac825473a36bb45c0
Ubuntu Security Notice USN-5117-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5117-1 - It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759
MD5 | 5ac73f6c665ddfd98934e45df7d0a9a5
Ubuntu Security Notice USN-5116-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5116-1 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-3732, CVE-2021-38198, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008
MD5 | 715eb5083b40eea27bd0010abe8079e3
Ubuntu Security Notice USN-5115-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5115-1 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38166, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008
MD5 | 6730d8bb9630399283cc815ff2505e83
Red Hat Security Advisory 2021-3949-01
Posted Oct 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3949-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes. Issues addressed include denial of service, integer overflow, and out of bounds read vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-4658, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23840, CVE-2021-23841, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099
MD5 | 8478436d4e2447ab1ccf1cdf0d7ecf91
Ubuntu Security Notice USN-5114-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5114-1 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-38198, CVE-2021-40490, CVE-2021-42008
MD5 | 8fa3ae056919ddf7efc9988aa2f5db12
Page 1 of 3,043
Back12345Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close