Red Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
1466db90fcaec7836bac3cd15b7cb8d7Red Hat Security Advisory 2020-0592-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.
41062dc0a72a79f27648eeff44f918ebRed Hat Security Advisory 2020-0593-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. State injection and out-of-bounds read vulnerabilities have been addressed.
54aae99d7f22b77d94b98d37db970849Red Hat Security Advisory 2020-0594-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.
df8981f3d1666f0e1fac725df6f6dcf9Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
7f606fba91b7dc47bb50af7affaf96b9Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
39673c6f9593119051077731df2fa2daThis document is intended for students and security professionals as a quick reference for networking protocols. It covers 50 protocols classified according to the OSI Layer they operate on. The corresponding RFC has been provided to further check for parameters / commands of a particular protocol. From a security perspective, the corresponding attacks / vulnerabilities are also included in this cheatsheet.
5283f87c171d89b2a5c9d8ddec708942Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.
43acfce60891d606ddbc7bb9726ef5adRed Hat Security Advisory 2020-0565-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0. Memory safety issues and various other vulnerabilities have been addressed.
879ed163ae72f560b6ff5130cff4c68fUbuntu Security Notice 4279-2 - USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Various other issues were also addressed.
7832c919bd2f89e68f7d1e97d3e21a3cUbuntu Security Notice 4286-2 - USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
aff5d99660a6cf45c6cd9363ec293dc7Ubuntu Security Notice 4287-2 - USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
e0a917b1318a227cbe7dcda44cca0d1aSmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.
57f8471ef038330e69a08ce5bd6f84a5Red Hat Security Advisory 2020-0543-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.
891d7f413bcda9c61a938542509339f3Red Hat Security Advisory 2020-0544-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.
6e5f2809f97c01e413f0335f27349e23Red Hat Security Advisory 2020-0542-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
36ca79a9c0aa092c71d1c1e109fc609fDebian Linux Security Advisory 4627-1 - Cross site scripting, denial of service, and various other vulnerabilities have been discovered in the webkit2gtk web engine.
f3947b1b2cfd794fb8ffa2fd07974cd5Debian Linux Security Advisory 4624-1 - Several vulnerabilities were discovered in evince, a simple multi-page document viewer.
d759d57aa46efab3f4b2a0d5b68fb07eRed Hat Security Advisory 2020-0514-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues addressed include information leakage, null pointer, and out of bounds write vulnerabilities.
674d9ff97b1fed31431ddce21fa5117eDebian Linux Security Advisory 4621-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes.
d8f6fe82a3da5926a5bf6c7c66327ba9WebKitGTK+ and WPE WebKit suffer from denial of service, logic, and code execution vulnerabilities. Versions affected include WebKitGTK before 2.26.4 and WPE WebKit before 2.26.4.
63296e037dbca3224fc4f826a24e45daSOPlanning version 1.45 suffers from multiple remote SQL injection vulnerabilities.
ec84825ba294188a751657c615e0f774CA Technologies, A Broadcom Company, is alerting customers to three vulnerabilities in CA Unified Infrastructure Management (Nimsoft / UIM). Multiple vulnerabilities exist that can allow an unauthenticated remote attacker to execute arbitrary code or commands, read from or write to systems, or conduct denial of service attacks. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. The first vulnerability, CVE-2020-8010, occurs due to improper ACL handling. A remote attacker can execute commands, read from, or write to the target system. The second vulnerability, CVE-2020-8011, occurs due to a null pointer dereference. A remote attacker can crash the Controller service. The third vulnerability, CVE-2020-8012, occurs due to a buffer overflow vulnerability in the Controller service. A remote attacker can execute arbitrary code.
b836a3683ff08a889e3a66d3ea648cdfRed Hat Security Advisory 2020-0498-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include cross site scripting and null pointer vulnerabilities.
be6712bb6e1b0b6fbcc03ea514fe6279XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure and corruption vulnerabilities in XPC services.
0f1657d7f62dc322829fee09424c0e5c
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed