Ubuntu Security Notice 3909-1 - It was discovered that libvirt incorrectly handled waiting for certain agent events. An attacker inside a guest could possibly use this issue to cause libvirtd to stop responding, resulting in a denial of service.
5feeda69f171c08516daa9fefd1c171a0d758ae0abf13daa7dac32a99293c992
Ubuntu Security Notice 3908-2 - USN-3908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations. Various other issues were also addressed.
cd355e52a9ac1d0dd8d224b975200733feb1d18ffeb317d9897cb4ec40c38fc4
Apache UNO with LibreOffice version 6.1.2 and OpenOffice version 4.1.6 API remote code execution exploit.
e2b894b02b0d519f364d9b8389e1395625e36a8ea0fa94f0e67e01102efe1363
Pegasus CMS version 1.0 suffers from a code execution vulnerability in extra_fields.php.
5654dd898fdbd2a74dc6a9899cffa43e0777a04f300fc3a71db69c3c27e51af4
This document provides an overview of IPv6 security that is specifically aimed at IPv4 engineers and operators. Rather than describing IPv6 in an isolated manner, it aims to re-use as much of the existing IPv4 knowledge and experience as possible. It highlights the security issues that affect both protocols in the same manner, as well as those that are new or different for the IPv6 protocol suite. Additionally, it discusses the security implications arising from the co-existence of the IPv6 and IPv4 protocols.
6299f730e51fc8b49a0c729d3a77152a920e8d27a689dc30f3a33ca697c63524
The Cisco Common Service Platform Collector versions 2.7.2 through 2.7.4.5 and all releases of 2.8.x prior to 2.8.1.2 contain hardcoded credentials.
9de3cc083ddf7db43e4d74958044bd8416ed3ad485d7ce5d8ebc5ba34711b3c6
Red Hat Security Advisory 2019-0567-01 - The OpenStack Load Balancing service provides a Load Balancing-as-a-Service version 2 implementation for Red Hat OpenStack platform director based installations. Issues addressed include a flaw where private keys are being written to world-readable log files.
a9d88db6963edf47549e40b038941fc0f8f1311cf0af1f339d2c6a740bf892e5
Red Hat Security Advisory 2019-0564-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.
d8bbf36783295d4ae96557eaeea7595a6986819c12c9c30f18433b56b9e505e4
Red Hat Security Advisory 2019-0566-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. Issues addressed include a sensitive data disclosure vulnerability.
bd19fb52d8ac4477389c6bddb4960eee86ad0f16353333cdc742b6fff2e2ad6e
Red Hat Security Advisory 2019-0547-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fix: haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash.
f8f395b5cc2db4a67edfc772ef38a621d5793e38880fd91d012b0dae5f8da5b9
Red Hat Security Advisory 2019-0548-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fix: haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash.
2c9c71c4b54ad86bd8c05962992edfe106159e0f2481a8074b9b0945d33f14c8
Gentoo Linux Security Advisory 201903-14 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202 are affected.
c381dad8caa69e0787771dadeb9e4838aadfef674832136569f7bed7299726ac
Gentoo Linux Security Advisory 201903-13 - Multiple vulnerabilities have been found in BIND, the worst of which could result in a Denial of Service condition. Versions less than 9.12.1_p2-r1 are affected.
20178947f78d93af28560f3c97f646f81bdf530ecfd3cbf7c3069ee86f198ce7
Gentoo Linux Security Advisory 201903-12 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.22.6 are affected.
e4d655a64eeb12492792f85c6cecf7544470b51106f00ff2aa7e2b5750d126d7
Gentoo Linux Security Advisory 201903-11 - A vulnerability was discovered in XRootD which could lead to the remote execution of code. Versions less than 4.8.3 are affected.
a782e4d19c8a1657eb055ac46f184fcbf0878654d0e3b368d7e76454b3e471aa
Gentoo Linux Security Advisory 201903-10 - Multiple Information Disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Versions less than 1.0.2r are affected.
77f749728ff0ba1057d2f4792d97c1278a4ef4a6d57fe67b15d03cfd253b0d2d
Gentoo Linux Security Advisory 201903-9 - A vulnerability in the GNU C Library could result in a Denial of Service condition. Versions less than 2.26.0 are affected.
fd2bfcfa2504edca7525c8f160e368d592f9ee6e2501031641d994d1e2af688d
FTPGetter Standard version 5.97.0.177 suffers from a remote code execution vulnerability.
c9ec3b8b39c43366cf5b349dad4ee05900ab6f3116f21decf53d7ce527586ced
This is a write-up detailing the root cause of the kernel privilege escalation vulnerabilities Microsoft patched on March 12, 2019.
21972ee2969bde7c0fb73197ec2ceda1ff103835f938cd09ebaad29569f4f82a