Red Hat Security Advisory 2020-3740-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.102. Issues addressed include a use-after-free vulnerability.
7beae7d29a2a9e74655915b35e5e37aeRed Hat Security Advisory 2020-3733-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
5e39994ed55bc6c3a12ea673df304f79Red Hat Security Advisory 2020-3734-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
572ba91222d89848f8aff1f4a7ba87a2Red Hat Security Advisory 2020-3726-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
42e492c2a5d6c225048eb25a2e2aec1cRed Hat Security Advisory 2020-3723-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.83. Issues addressed include information leakage, integer overflow, and use-after-free vulnerabilities.
3a3ae1c3cfa4b75de5e2102a900dbac4Red Hat Security Advisory 2020-3714-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
39fb1fdee375d2aac57c16ea2aade943Red Hat Security Advisory 2020-3662-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.
1e12fa29983b7f83af758496e3d90857Red Hat Security Advisory 2020-3623-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a HTTP request smuggling vulnerability.
ddb845760e3fe557d5f94b143c3f5342The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may lead to cross site scripting vulnerabilities even if uploaded data has been validated during upload. Versions 1.15 and 1.14.7 and below are affected.
130ddc7a83a7200dee6d6d19904f8bd0sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
f79dac9b60f40ccdb4e1a05797b7cdc6Ubuntu Security Notice 4477-1 - Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. RĂ©gis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. Various other issues were also addressed.
44c77ca040383d52dd8b135b79c2c848Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.
bd03d4978fc69d3110e68b9684b0e2b9Red Hat Security Advisory 2020-3560-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.135. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
7d82d6fd82dc7a6edf5470b7c4813239Red Hat Security Advisory 2020-3559-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
dd14bba5bb91f3ba087aaf23ce9cf45eRed Hat Security Advisory 2020-3557-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
8187253bad47d8d9c53578bf1006c716Red Hat Security Advisory 2020-3556-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.
3f03bf1ee96b20ef6af6fb876c27f851Red Hat Security Advisory 2020-3555-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.
11f134d07ab19c60b45cd9d94c83d352Red Hat Security Advisory 2020-3558-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.
8590472feb45c8cdc03eaf44d7eb210cRed Hat Security Advisory 2020-3501-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, deserialization, and improper authorization vulnerabilities.
ac9bd5cfa5a256e6462e7a36ea5cb84aRed Hat Security Advisory 2020-3495-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
79d39cd0dd74dc916c03935a389202d6Red Hat Security Advisory 2020-3496-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
18ddcbf798c1e82188024d61e90a7736Red Hat Security Advisory 2020-3497-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
4092f7809fe8d90daccc6e1f81e09d7dUFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
49e9e16fbc97e3a2ca94cbab3ae02631QiHang Media Web Digital Signage version 3.0.9 suffers from a pre-authentication remote code execution vulnerability.
7c248458391a49820ad700528da5bdc1QiHang Media Web Digital Signage version 3.0.9 suffers from an arbitrary file disclosure vulnerability.
4b229bf7159213f08c6c5c724d811ce5
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed