Ubuntu Security Notice 4068-2 - USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2019-1823-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.4.0 serves as an update to Red Hat Process Automation Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
Red Hat Security Advisory 2019-1840-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Apple Security Advisory 2019-7-22-5 - tvOS 12.4 is now available and addresses code execution, cross site scripting, and use-after-free vulnerabilities.
Axway SecureTransport 5 suffers from an unauthenticated XML external entity injection vulnerability.
Apple Security Advisory 2019-7-22-2 - macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra are now available and address bypass, code execution, and use-after-free vulnerabilities.
Cisco Wireless Controller version 3.6.10E suffers from a cross site request forgery vulnerability.
Jira Server and Data Center products suffer from a template injection vulnerability. Many versions are affected.
Ubuntu Security Notice 4068-1 - Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
Apple Security Advisory 2019-7-22-3 - Safari 12.1.2 is now available and addresses code execution and cross site scripting vulnerabilities.
Debian Linux Security Advisory 4487-1 - User "Arminius" discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi (Vi IMproved), which also affected the Neovim fork, an extensible editor focused on modern code and features.
Novismart CMS suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 4067-1 - It was discovered that Evince incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code.
Apple Security Advisory 2019-7-22-4 - watchOS 5.3 is now available and addresses code execution, cross site scripting, denial of service, and use-after-free vulnerabilities.
BACnet Stack version 0.8.6 suffers from a denial of service vulnerability.