Dell EMC Secure Remote Services Virtual Edition versions prior to 3.32.00.08 suffer from improper file permission, plaintext password storage, and information exposure vulnerabilities.
8f160751ece08d6712da5b33a8d87a36Ubuntu Security Notice 3796-1 - Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
d5067a79d01993a7f40de7ec1a88689eUbuntu Security Notice 3795-1 - Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
1dcc29f274ef1d151985494c2d04c5d4Red Hat Security Advisory 2018-2938-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.2.0 serves as a replacement for RHOAR WildFly Swarm 7.1.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a traversal vulnerability.
f2b8cd2a90e4cf90e18d17597f36476aRed Hat Security Advisory 2018-2925-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, and use-after-free vulnerabilities.
b6a8bd1163aa820ea7c74585ab22776eUbuntu Security Notice 3789-2 - USN-3789-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
fde2b8334433786ac95fc46db3f82541Red Hat Security Advisory 2018-2933-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
a97ccc6aaeca9a83d1973ad6a2eed767VMware Security Advisory 2018-0026 - VMware ESXi, Workstation, and Fusion updates address an out-of- bounds read vulnerability.
74edba10b62e5341c33bfb5f5e683ec4Red Hat Security Advisory 2018-2930-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.11 release serves as a replacement for JBoss Operations Network 3.3.10, and includes several bug fixes. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
7f44f8a54ec3fcefaa6f8a25aa193dbaRed Hat Security Advisory 2018-2927-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include cross site scripting, denial of service, deserialization, information leakage, and remote SQL injection vulnerabilities.
86e3c320e364310aabefd92cb6e9d762Red Hat Security Advisory 2018-2924-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
1a2e4d0948580e7d519c6ea9bf75f0f1Ubuntu Security Notice 3794-1 - It was discovered that MoinMoin incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information.
02d752074dbcb3a4b97122ade31fa250ManageEngine OPManager version 12.3 suffers from a persistent cross site scripting vulnerability.
846c5c35dfb7931b34787b04c12a0bb8Ubuntu Security Notice 3792-2 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.
bbb68331d63976d5a997a0dc75dd3c41Red Hat Security Advisory 2018-2921-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a denial of service vulnerability.
ff8868258d733db9eeb0af659bcbdd85Red Hat Security Advisory 2018-2918-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.
85c6890dafacafbf2a1a41398af4739cUbuntu Security Notice 3793-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Thunderbird 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.
87fdc4d5aa1e208196180d7170d8f355Ubuntu Security Notice 3792-1 - It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service.
3aeb07109a6cf15ff3a438a836d9be6cUbuntu Security Notice 3790-1 - It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information.
754f9259fdb45184151ad7346cb76c6bGhostscript suffers from an issue where .loadfontloop exposes system operators in the saved execution stack.
8ee6daa56e7b3cbcf912ca5433934a03Ubuntu Security Notice 3791-1 - It was discovered that git did not properly validate git submodule urls or paths. A remote attacker could possibly use this to craft a git repository that causes arbitrary code execution when recursive operations are used.
85767dae0ae80bb2ac7587482f498c03Red Hat Security Advisory 2018-2916-01 - The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Issues addressed include a denial of service vulnerability.
d3a8242a565d737b6647653286419eadUbuntu Security Notice 3788-1 - Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
0add1fab02da616984b256f4e02b4f53Ubuntu Security Notice 3789-1 - It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
d00ff7442c0eedd7d9df7fa703283d80Red Hat Security Advisory 2018-2913-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.1.0 serves as an update to Red Hat Decision Manager 7.0.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a Yaml unmarshalling vulnerability.
c4738e9bd1c97638aee3b2ceb5f51c97
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed