Protection Licensing Toolkit ReadyAPI version 3.2.5 suffers from an unsafe deserialization vulnerability that allows for remote code execution.
0a738ab46dd18ea4fe3151340310163ee7d1af2f6352f68d94c163c9e82580b4
Open-Xchange Dovecot versions 2.3.0 through 2.3.10 suffer from null pointer dereference and denial of service vulnerabilities.
3aa6155c0580d269fb7fdbdd9648de20d10f066c289ea5f31c5a7bb2f6be630b
Red Hat Security Advisory 2020-2231-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A hard-coded credential issue was addressed.
4635888464ab46ad2b3dd048df0ee14c16535cf12e3be061bb2f19b392464e5f
Red Hat Security Advisory 2020-2210-01 - KornShell is a Unix shell which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.
85778f72ae62371bd221f5640a7c707bf70178faaf417114e0402a1da7603aaa
Red Hat Security Advisory 2020-2213-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
f10e9bd47c5a931bbdde4ece3050309ddac09c1f62f038e7d017d3ae8f49073b
Red Hat Security Advisory 2020-2214-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.
9861ea3ee64da4b2bdb1079921a0a087fea60a45825bdb80bdd0d1c5a068203e
Red Hat Security Advisory 2020-2212-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
204fe9e162ddd4ea0a9b35105fb63a1dffd81b6842577dafec073b364e4e4943
Ubuntu Security Notice 4366-1 - It was discovered that Exim incorrectly handled certain inputs. A remote attacker could possibly use this issue to access sensitive information or bypass authentication.
fa20c59a48dd7ec2dacda4384b8f02fff205e32ea312b2bb14314a56a075844c
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
ed991ffbece8f543f5dc6aa5a660ab1ed4bae771b6aa4930663a3902cc160ea3
Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability.
394476ac18e51f9b464af76af825419eac4c6b90a454c171d7afebfad7477c5d
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
b806f830367458c6c58503282e9bb26f68031a4c4dd3ddf1755523fd2289f282
Red Hat Security Advisory 2020-2199-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.
f7ea6ff56060539cc8fd204ebbdc3d293fba3c3860a375f8a984a14366ee7d11
PHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.
d2a2f741c4189f3700f85b4e00d3baa56b4e1ee69a08f580698e405352fb6b50
Ubuntu Security Notice 4365-1 - Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. Various other issues were also addressed.
826073d220a4b92d755927eeeecec741e50cb7d5ec3122c14816b9effaaa58cc
NukeViet VMS version 4.4.00 suffers from a cross site request forgery vulnerability.
1014d9646eb512c83eb992918814cf4ea94a6614ef5ad2d474ebd21a4040fdc1
Red Hat Security Advisory 2020-2203-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.
d4db30bdd1e2a8ecd05d7cf8c5026f12278e19c96579c9f09c92489d11501e52
Submitty version 20.04.01 suffers from a persistent cross site scripting vulnerability.
b3d5462d338544c2d793cb1f54c9f76dc20b933490c403b7e271fdc8a80afaf7
Ubuntu Security Notice 4364-1 - It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service. It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl calls on /dev/vhost-net could use this to cause a denial of service. Various other issues were also addressed.
40abb3bdec0492cc28e800a42deaff41cbd35c03d6fe95eb0708a885d2822236
qdPM version 9.1 suffers from a persistent cross site scripting vulnerability.
243f9d8a4adf78bf32f1e9eaf0c07a5a16b6a774dae63a376acae6ef2be8a21c
Victor CMS version 1.0 suffers from a remote SQL injection vulnerability.
54c89e44be3a58eb7c9477008c7efb3a2d1135629e6a80f2bca1083cc5a9b191
Victor CMS version 1.0 suffers from a persistent cross site scripting vulnerability.
aef5c03911d6f87dfb8a494208cb4661d3cd3e5ad45bf778e6a895afb0b6b2dd