Apple Security Advisory 2020-05-26-4 - tvOS 13.4.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
56756c475b2db5ca4e461c12f83e7a9e603128c2351ec2fd18890f6185253754Apple Security Advisory 2020-05-26-11 - Windows Migration Assistant 2.2.0.0 (v. 1A11) is now available and addresses a code execution vulnerability.
2844283de9e565445f79120159bebc35949ae0381b2da4a7abb2c6e9bd66b28cApple Security Advisory 2020-05-26-10 - iCloud for Windows 7.19 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
62db8b0b76c4b9282432d70396fd37bb8568c629f4d9e8835ed1b611ab0d95bbApple Security Advisory 2020-05-26-9 - iCloud for Windows 11.2 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
100cbea4dc7f344692f604cbe8dfab29c51a9e753f7d0e6e5204c16baf6f0880Apple Security Advisory 2020-05-26-5 - watchOS 6.2.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
2a3498bed642fb25a35b285cbccdfdfb4b489e582424bec1bb96cb1b19041e61Apple Security Advisory 2020-05-26-8 - iTunes 12.10.7 for Windows addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
b54c3b2604ae9bd59edb7cbd324ad1bc43d253eca37d86dbc127855a7ba085f2Apple Security Advisory 2020-05-26-3 - macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address bypass, code execution, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
e548dbe3bc45349923003f3bd1e0ad372863e5efd1c4433b30594bf80a645be4Apple Security Advisory 2020-05-26-7 - Safari 13.1.1 is now available and addresses code execution and cross site scripting vulnerabilities.
8b7dce5d32dceb835cd62c85f176c7a87bd99a3dbad33629c6c8dd27534b2540Apple Security Advisory 2020-05-26-6 - watchOS 5.3.7 addresses a memory corruption vulnerability.
e65dba406f7d8518f1a05c7ce9ea5e72aca13fc63ac0c877fa3d39db3dab9f43Apple Security Advisory 2020-05-26-1 - iOS 13.5 and iPadOS 13.5 address bypass, code execution, cross site scripting, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
c0c5b060812bd316b274c589d529f7340c15548e77bf81b29d18618cd79bfb74Apple Security Advisory 2020-05-26-2 - iOS 12.4.7 addresses an out of bounds write vulnerability.
25db04f26f48b4ba1f92482b9041ca6d7f62441ba8497a88e48505ea92305c77Ubuntu Security Notice 4367-2 - USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Various other issues were also addressed.
5e42002b4d2ecabf6a6cfa168d989279420dab6dbea6fcbbc0c07e9f5d7946b9Ubuntu Security Notice 4369-2 - USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Various other issues were also addressed.
f8da9cd441c6d1901bb239518cb0e0af3d90d2be5c17ffa81da275fed60bf480Ubuntu Security Notice 4359-2 - USN-4359-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash. Various other issues were also addressed.
d2237b38c62fa2201ddc711ec23e9be63e8076e5ad1bd20e78441a7d9b9bc406Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability.
5541826f04a3a19d5af667dd573923bfd3ca06a9c8ea0aac07e7a6742fd3ff60WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability.
99dbc846378685b2323c34771392c6ef834d8a9183459926257b3a17519139d8Various PanaceaSoft products appear to suffer from a shell upload vulnerability.
e7ff3b66bb7350d5b9bc20efd9077e3228ee400411b82793b4fee4a799111543
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed