Ubuntu Security Notice 4348-1 - It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or HTML. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text on a web page. It was discovered that Mailman incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
0182a08a46b822207d21d5388a61d1d799ca704a08b40c2ce1915ca7ddf53cd6
Red Hat Security Advisory 2020-1970-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues addressed include out of bounds read and use-after-free vulnerabilities.
f3c02d2845648f81236b3aeb2c73319fa0b6765978c93983549346fb4111f753
This Metasploit module exploits a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro version 1.2.4.
0f186f161bc8220e1b6f8e1a04626191746fd3904db4d3e3cd00c8971c1ab028
Ubuntu Security Notice 4341-3 - USN-4341-1 fixed vulnerabilities in Samba. The updated packages for Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes the problem. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.
0e47586447fc86381469e18fba418d8b2b981dd8a8da9c30febbacb3a3cb20bc
Red Hat Security Advisory 2020-1963-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
d89c1f72c11415c877a264f7eb82847e1dc247053f8bb44de1251e355f54f717
Ubuntu Security Notice 4347-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
6e9597ffacccb413974284a827eaf058b7a6e65f7fc5b43482f127d363dd0aa5
Druva inSync Windows Client version 6.5.2 suffers from a local privilege escalation vulnerability.
31dfb7b5bc6e0e8460608ac6efee03fdb1a7159259a19815bc7b9c3106a68129
Red Hat Security Advisory 2020-1962-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Issues addressed include an HTTP request smuggling vulnerability.
f76a7373f83c63f0468745123de29bfacbdf1df8aba2f0fc31cce2d3f0bf42b8
Ubuntu Security Notice 4346-1 - It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for errors, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
5007d0c0254a1c6a5e5cf578a8b0ddceb4d3bd150c9e8183a5720ea38dd8fea1
hits script version 1.0 suffers from a remote SQL injection vulnerability.
5d84239f404367cfcc0755fee28879cc891111f6491a780d5fbb098b79daa891
Ubuntu Security Notice 4345-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
f6fefff774c0c873366a1f04ab860ca67e33b79ee3a6c1366475705f24550bb0
Red Hat Security Advisory 2020-1966-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
747530524fabfcc59f4b85bb4f43544916e29cdf8410fa0c2c3621201f620667
Red Hat Security Advisory 2020-1932-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.
276c6f8d4a8d768737d5e541ca8f6c66cbb00d44eed494e475a5d2ef49e4adf0
EmEditor version 19.8 suffers from an insecure file permission vulnerability.
a90bafdd2cbfefa34fbbea58c90b700449be9cad9a3c7d2b1c6cd4b3582cdd28
Ubuntu Security Notice 4344-1 - It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
8843a25d79794069c7f4af8f0b7bc644c52469c455abf6857c3eb07ff7d996f0
Gigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.
4f94429e64d9c424c9369febb776c41eae261c908658edff22b96292c43a0a65
Red Hat Security Advisory 2020-1926-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.
aedbc836c2e8f38b200fdb4302da9957d9682490a2441628b77176d4f2cfad70
NVIDIA Update Service Daemon version 1.0.21 suffers from an nvUpdatusService unquoted service path vulnerability.
503db033cf0df9a8ab28aa60846bb44ef7310c0396452231a748fdc182ab89db
Ubuntu Security Notice 4343-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code.
ab66cf024812bc9e3054dcbc09600092390f811a199175dcbe3a956a3cbb59a3
Ubuntu Security Notice 4342-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
8be453bd452ae15bb83b01ddb47f279540dafd5d10a9322ef239871e73451623
Red Hat Security Advisory 2020-1931-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.
c241c0a7096656ffc7f5ebf489cd3b4b68539bc597b3fd8ee3e5b516852ac409
Red Hat Security Advisory 2020-1933-01 - The targetcli package contains an administration shell for configuring Internet Small Computer System Interface, Fibre Channel over Ethernet, and other SCSI targets, using the Target Core Mod/Linux-IO kernel target subsystem. FCoE users also need to install and use the fcoe-utils package. A command execution vulnerability was addressed.
216995f16c2986f30c6a10d01eddb066dae26192caf7460b7a6638b2fb940e1f
Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability.
5893982b84476fb326ba71dec7355182063aa15846f74c2968e884acb1e5e0f0
Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
d8e9402b9604c3706a2115909b60726c461d0262c2196626918539a2164e5352
School ERP Pro version 1.0 suffers from an arbitrary file read vulnerability.
66a872f32ba02b4e93f374c2a694f871df9e25610abafbc0a4b38e5fd174d855