I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
5d31e0a324dfe429135ac17595b3cab3e81d85d4aa7a720db402dec47bfeda23Red Hat Security Advisory 2019-1024-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Issues addressed include a bypass vulnerability.
70ee9583323959a941fd02894a8b3e1cac2025eccfea01cc74253cb5f82ad559Red Hat Security Advisory 2019-1021-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 74.0.3729.108. Issues addressed include buffer overflow, bypass, and information leakage vulnerabilities.
71a9438fc498a7c72edff22089be6b782351b494d1b1c531ff8caf4c1da15d7cRed Hat Security Advisory 2019-1017-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a missing attack vector protection.
cdbb4ee33ff6076217f9e3c49cfe5bb478a15e028e0e89f1526e2a08c1885880Red Hat Security Advisory 2019-1022-01 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
591e530022d693e35e8d32ad415545349a33e6b9756e352e46a165e4a357b50aInstallations running Postgres 9.3 and above have functionality which allows for the superuser and users with 'pg_execute_server_program' to pipe to and from an external program using COPY. This allows arbitrary command execution as though you have console access. This module attempts to create a new table, then execute system commands in the context of copying the command output into the table. This Metasploit module should work on all Postgres systems running version 9.3 and above. For Linux and OSX systems, target 1 is used with cmd payloads such as: cmd/unix/reverse_perl. For Windows Systems, target 2 is used with powershell payloads such as: cmd/windows/powershell_reverse_tcp. Alternatively target 3 can be used to execute generic commands, such as a web_delivery meterpreter powershell payload or other customized command.
c46a7605f2f59df142894ab93e39c6fbb9ceb49da8db00d316382c22458faf6eAn unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a malicious SOAP request to the interface WLS AsyncResponseService to execute code on the vulnerable host.
7b103f91354f91a5368f07e6173b43d3e6d6c1255ccab672a82be3ddeaa8b9f2Ubuntu Security Notice 3969-1 - It was discovered that wpa_supplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service.
6e169c2098110fa624ea682fb1f9eff00b9bce4271250c82d0730503639041bcRed Hat Security Advisory 2019-0984-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlchemy is an Object Relational Mapper that provides a flexible, high-level interface to SQL databases. Issues addressed include a remote SQL injection vulnerability.
78f2b0c17e9dfc47d517a9849cf864e7723b0120abb46f94062ed215b7d60bfbRed Hat Security Advisory 2019-0972-01 - Openwsman is a project intended to provide an open source implementation of the Web Services Management specification and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Issues addressed include a file disclosure vulnerability.
eb6a0335dcac9528ac79026bd9c186ecaad47b13c449efc1cef4a6ff50b97569Red Hat Security Advisory 2019-0985-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Issues addressed include a bypass vulnerability.
0125077032659c23bab04ac7f7d1d43fbaa2dd7903083d00b0ea006b173b0fbfRed Hat Security Advisory 2019-0983-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Issues addressed include a buffer overflow vulnerability.
3df8d372da645dfff7327693c1fcc17208f4f1527490624b509cf01336936de9Red Hat Security Advisory 2019-0997-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provides the "python3" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs package, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages. Issues addressed include an information leakage vulnerability.
0706f54db778ad328c1b0efc96b5ff3ee3da1cce5a5bdf363324b8596f92cea6Red Hat Security Advisory 2019-0981-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. SQLAlchemy is an Object Relational Mapper that provides a flexible, high-level interface to SQL databases. Issues addressed include information leakage and remote SQL injection vulnerabilities.
ddd1cf03a956d8089cb1ded5cc4cd8ddf02a950d7aec570e495b738d17e1b2c9Red Hat Security Advisory 2019-0980-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a bypass vulnerability.
0d471fc4d79ad4660814e40b39efce40484b416271cee12b400763cc07a0892bRed Hat Security Advisory 2019-0968-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a buffer overflow vulnerability.
8ad0f9302a4194a67993224b4b172b1a26883163821c2fb65ed4f96654ac7f68Red Hat Security Advisory 2019-0971-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include some missing attack vector protections.
a9bff1942cef8e34246ee73871fa46baf34d82e3b31bccd64653fd9c4a011be1Red Hat Security Advisory 2019-0990-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include an input validation vulnerability.
09cb16c3d1775705c79a44db279157ea99653597312ad697a9852cdd131f3490Red Hat Security Advisory 2019-0975-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a runc binary overwrite vulnerability.
361971a901acb2e5cf0317a4e5d2151265c70d089dbf99e7b20cc0f66d6a31cfRed Hat Security Advisory 2019-0966-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR. Issues addressed include a use-after-free vulnerability.
ffaa4285ea0b86a7be83080eb435738e399a2851b88b2578de2b6ff86832514aAdmin Express version 1.2.5.485 folder path local SEH alphanumeric encoded buffer overflow exploit.
f17721a81a44f7a201fc447455c70acfe27cd8c856b588162d5b42870310732fEasy Chat Server version 3.1 message denial of service proof of concept exploit.
68d09096db3d2bfa28612534eb056bc6d6d8041763eb27224b0f06b56bdce900
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed