Windows Defender Antivirus version 4.18.1908.7-0 suffers from a file extension spoofing vulnerability.
9c87ebe0a950038ec49698e614427865d34fa71d00aaa326db3438f44ff47340
Qualys discovered a local privilege escalation in OpenBSD's dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.
4e1f695e83c851f4826c356e0fbe52865163d4b41d6d1a6675fca7178914287b
This Metasploit module exploits a command injection in OpenNetAdmin versions 8.5.14 through 18.1.1.
35cfdca0ccb7572d95d29ab998df91c435fbe8a884d9e9397433812a1e2dba84
Bullwark Momentum Series JAWS version 1.0 suffers from a directory traversal vulnerability.
812ea067f8411484fcca9fa042d4db7bb3aaad1b2fbd3bcfba9f99c82a72d77e
Red Hat Security Advisory 2019-4222-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.3 release. Issues addressed include bypass and information leakage vulnerabilities.
b2a1a71b3240fd4a5eecdd501cf50521834ef92d4f127b8c561957c5713f4807
Ubuntu Security Notice 4214-2 - USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
2112292b5a575a6773006ae499f13974f24b967062a1ffcc2995cd73cdf877e1
Ubuntu Security Notice 4217-2 - USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. Various other issues were also addressed.
6db26f2e489f1384d2f218d9e2544521385fb447c71f37e016d74825ac3f8bbb
Red Hat Security Advisory 2019-4205-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.3.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
f5bf3a71f0f072a56b5b524522f3e3b81d1c5f4450a265075f0956b200eb427a
Apple Security Advisory 2019-12-10-4 - watchOS 5.3.4 is now available and addresses a code execution vulnerability.
1dd65e33fa30d96c7e71f594fa0beb7112c07e9edcdc179ba8b8acb18bca93b3
Apple Security Advisory 2019-12-10-3 - macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra are now available and address buffer overflow, code execution, and denial of service vulnerabilities.
b651beb0596bd01825899fb024d843d9d4e9505c64bbac1cf929d726afef8fea
Apple Security Advisory 2019-12-10-2 - iOS 12.4.4 is now available and addresses a code execution vulnerability.
298fdb38a5819045ffca3db0d909775021b10b0103d9909f681caab522f0b3b1
Apple Security Advisory 2019-12-10-5 - tvOS 13.3 is now available and addresses code execution vulnerabilities.
f40fca55a8332f8b254d2b83dd2eaa9c3afcc0ba8d18e4b8226f84bbaa8f4aa3
Apple Security Advisory 2019-12-10-6 - Safari 13.0.4 is now available and addresses code execution vulnerabilities.
c2e499374dc61b9168d037d257d9df0f5e3440705c362c8eda290238fe053478
Apple Security Advisory 2019-12-10-8 - watchOS 6.1.1 is now available and addresses code execution vulnerabilities.
b171b83171902587ee3e7c6a2ee6f0276f92906704016d21430a0f5f72bfdde5
Red Hat Security Advisory 2019-4096-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
8219ff12fd3a3fece1dff64e64efb86797ab26cd991429d2ac3e6f84c168feb7
Red Hat Security Advisory 2019-4101-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
80a5309cd0cd3d1f226ed6ded6c3ce95418dae87d988d55388f0cfd788f62890
Red Hat Security Advisory 2019-4097-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass and cross-site scripting vulnerabilities.
0e93a0a477a78ac15b177c73a04ddbcb223a3005c9c031f79cfbf07210cecc1b
Red Hat Security Advisory 2019-4098-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
9a342e551ed99ba6cc1ab05eb071d3499051a808cd048ae97a83087d3d3a3d2d
Red Hat Security Advisory 2019-4099-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
b4a93ca9c1bac173c383bf31b2dc06299089d5cfd9de0faa7a939a4ee1a3ea46
Ubuntu Security Notice 4221-1 - It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service.
da363a7594497bc028ce7fc26af501f3dcf5c89de6af10b5cab5f00cf2d37d3b