Ubuntu Security Notice 4171-2 - USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Various other issues were also addressed.
abf66e9bb78ee4fc3f4fa2fdbc77bb1c869b824bb55a4793c42698211f58272b
ilchCMS version 2.1.23 suffers from multiple cross site scripting vulnerabilities.
595e5826f2df1a9ba6de01b36dc98656ada4aba87b861090a5e8b7243ab1af58
Microsoft Office365 suffers from an improper integrity validation check that can allow for a protection bypass condition that will let docx documents become macro-enabled.
2c85c843faad1e40bc0744b6952da276954df5a951208c8e2365fd3a22ee72de
Ayukov NFTP client version 1.71 suffers from a SYST buffer overflow vulnerability.
b3989f5ffe051b152a6dc04109290ccf3feb74e2f035b4a88ad86380a3e561ca
Apple Security Advisory 2019-11-01-1 - Xcode 11.2 addresses code execution vulnerabilities.
8f667bb484feff0d27382ef7f334a99c096bf5aaac65443a358643e16adfffce
Launch Manager version 6.1.7600.16385 suffers from a DsiWMIService unquoted service path vulnerability.
bac9e01a312d55d4a718710e1537d8efd08a475d2d1cbf7d6e4c74ce9d3e6105
Debian Linux Security Advisory 4557-1 - A use-after-free was found in libarchive, a multi-format archive and compression library, which could result in denial of service and potentially the execution of arbitrary code is a malformed archive is processed.
8854df0f0ebf325962a2b782bfe0cab8bf88e865369dd0953a5c2f4037912df7
Microsoft Office365 suffers from an issue where auto-execution of macro-enabled office documents can be leveraged simply by the file having the same name as a prior document with permissions.
6b5e7f4c5577b0177fcc7218819fcc266d880f9b5625bacf3fde0ddeed225752
Apple macOS version 10.15.1 denial of service proof of concept exploit.
477af505682f069c4588a590a45c210ce6d5250b5841c444014179c45072e780
OpenVPN Connect version 3.0.0.272 suffers from an agent_ovpnconnect unquoted service path vulnerability.
eb0a022600145905b51376f32cfd9a43e05dba67edd9ac8994607fab9ed931e3
Aida64 version 6.10.5200 SEH buffer overflow exploit.
d3c8d3a1db7700de5be62c4ce319bb6b3d4746c09469b6efdc8de6ea8a3ecc64
Whitepaper called Covert Channel and Data Hiding in TCP/IP.
ee6c94c7e37da8cedd6c14da5b0c23870bbf9aaf399d2fe36aa251541bf12313