Ubuntu Security Notice 4122-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, bypass Content Security Policy protections, bypass same-origin restrictions, conduct cross-site scripting attacks, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
36f7b263210e2345871a9d8a207894684105c082f35ff31ad7fbc21f3ae0cbe0Debian Linux Security Advisory 4515-1 - Several vulnerabilities have been discovered in the webkit2gtk web engine.
819cb4a76b9496e6b14f6e40b6b97754bea8241388f3bc7161e889e08e1b509dThis Metasploit module exploits a vulnerability found in AwindInc and OEM'ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection. A valid SNMP read-write community is required to exploit this vulnerability.
fda2ed96c7854f1149174941d930215d8d922e9d68ec36da8fe223a30b08ad38Red Hat Security Advisory 2019-2663-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.
1e7df8c31050ef3e210f299df41f0f0c8a392aebf25c80e8580cb763d01e6164Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.
3726cd3c69f647990c48b627f7552d3a2fdba185bb79ef1247f427b865bde817WordPress Spryng Payments WooCommerce plugin version 1.6.7 suffers from a cross site scripting vulnerability.
55eab772a2ffbdda516c06539ff81589b2eacc3a8301db7b3dae61fb08132de6Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.
22df195418f74a56634bd310b7da36a4fdf581a8903f80d6ae395c7c7f946d92Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.
b2a95ef79610176da5267a46a9488b05662546d359c6b416942f91ac57d5e952Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.
c7a0b8d068fd7c8df937ba5cf737eafcd11bc58ff8f2299b7f69502289c92892Debian Linux Security Advisory 4514-1 - Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service.
abc7cc70e7c953e249fa14ed80d29545524e9f98c1757a25b81558a0721e4cccDebian Linux Security Advisory 4513-1 - Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.
d93482db03d7a4dd749d0d95b6c61e6de2e46af0866bd55857054ba3b2b6b6f5Red Hat Security Advisory 2019-2652-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include an exception leak.
948717ee3c5558a8032e553bfcb9afd714527f38888151e7bd875128c4d207a7Red Hat Security Advisory 2019-2651-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.
df767c3bd54e617fd6f47d5b82d6ec2199aa705ea592deecc555c95625d6a2b4DASAN Zhone ZNID GPON 2426A EU versions S3.1.285 and below suffer from multiple cross site scripting vulnerabilities.
a77cd27d921167b0a6dae25e3c0d2ceca2eec4f2cb65a38246c2810a9634ede8Wordpress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.
b4b519d12331c6905b0c8fa49aa371f4a349e52e4523f297066e312c103102da
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed