Avian JVM version 1.2.0 suffers from a silent return issue in the vm::arrayCopy method defined in classpath-common.h, where multiple boundary checks are performed to prevent out-of-bounds memory read/write. One of these boundary checks makes the code return silently when a negative length is provided instead of throwing an exception.
53ead956cdf9e9e2c075fcdfff1ae5c760e139f9927afb026cac0d5b93cd5921
Avian JVM version 1.2.0 suffers from multiple vm::arrayCopy() integer overflow vulnerabilities.
f95c4205b8ecd4cf340fed2f7ac5947cbf815565adc1c0184abd2d90668c51dc
SugarCRM versions prior to 10.1.10 suffer from a remote SQL injection vulnerability.
dcd6f8e1b431c4d591d3fca6cf750508720c3bcb8fd317bf29a73f62c5ce15b8
SugarCRM versions prior to 10.1.10 suffer from multiple cross-site scripting vulnerabilities.
3b4dd8343f28746f3b059b1453af1a6567db0f415690776d8a7b2d7da1d2f3d9
Ubuntu Security Notice 4457-1 - Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen.
2cedffdffe880bd0711f4c4951cc6487c89857a96808c0af7eaf5e0cffe2b7cf
Ubuntu Security Notice 4456-1 - It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
92f79dc3df0ec06f5cefb85e621601251c661132d679e69cee61a4bcdc9ff89a
Red Hat Security Advisory 2020-3433-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.
bc35196fc23412754114675665e67a3d69cf7c2e0e500412552ff545649b0fd2
Red Hat Security Advisory 2020-3432-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
eb5edce74a1749a56db1e9936abec970445773d566c667d7144b25ff983f1df7
Gentoo Linux Security Advisory 202008-7 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.125 are affected.
ed0557a2ff2f89cfe09772fe9e48e3450a3bd39d368223ab1790ca9d25ccfe58
Red Hat Security Advisory 2020-3414-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
8525c6c62ab4a32693caeae747434d92ce338f25f275ed8936ddc1fc10a4316f
Fuel CMS version 1.4.7 suffers from an authenticated remote SQL injection vulnerability.
4ae5ec0beb2c3044f53f42044cecbb911c8cd94fdfd2abc8a690b12bc25f378c
Debian Linux Security Advisory 4745-1 - Several vulnerabilities have been discovered in the Dovecot email server.
e77015aab1b26d25b21febdfdb9e607af81fe1cc6f92ff6eb0a5b91511129267