Ubuntu Security Notice 4311-1 - It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A local attacker could possibly use this issue to impersonate non-bonded devices. It was discovered that BlueZ incorrectly handled certain commands. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
2401291c8cfe00861ad69e1d24575c9b4a44b76e244600145ac823763df30bc5Ubuntu Security Notice 4313-1 - Manfred Paul discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges.
fa187c728fb6ea55e45b4e9d7eb10b0d30203f2c246d29022b946cc478f7154c10-Strike Network Inventory Explorer version 9.03 Read-from-file buffer overflow exploit that uses SEH and ROP.
d9902b1b7f52b90b881ecd03566b14bdebeafb458532ad05ad92d0692856be5fRecon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.
146ce8d8d2242cab323c77d566f77441925783b4b3a014f6c04050d000ff0ae7Ubuntu Security Notice 4312-1 - Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root.
e5a1409e9d1a412aedb562b4d151252c5a7c2be77599c7c1e42b61660d3d4f46Gentoo Linux Security Advisory 202003-66 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r2 are affected.
26d01ed289b866f334e985320e13cc92a34d670f55069043019c8c11db2221aaGentoo Linux Security Advisory 202003-65 - Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Versions greater than or equal to 4 are affected.
08bea2fea0ca58305840c700a9d387be009f877cc9024d75fa1464f89d1424b1Gentoo Linux Security Advisory 202003-64 - Multiple vulnerabilities have been found in libxls, the worst of which could result in the arbitrary execution of code. Versions less than 1.5.2 are affected.
1a18cd954c42cd43388347d9bf3054c60fdf894469784eff535b974352d59298Gentoo Linux Security Advisory 202003-63 - Multiple vulnerabilities have been found in GNU IDN Library 2, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.0 are affected.
53fb6354b0d8ed24a8a1cf0c1606c26800da39fd68fec33fe50b30cd527397ecJoomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.
6bad29182a6bd3575ab9ca57bc52555b04aabb4cfdc488f7b87d996ef4ae786bGentoo Linux Security Advisory 202003-62 - A buffer overflow in GNU Screen might allow remote attackers to corrupt memory. Versions less than 4.8.0 are affected.
1adece542b013250731f7a551b384436a018e20e377848029349af3d1343d53aUbuntu Security Notice 4310-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
47400d1f7e7cbbdb1caa0b033a37774a32b0a0c826ca918da1deba8193be05e9Ubuntu Security Notice 4308-2 - USN-4308-1 fixed several vulnerabilities in Twisted. This update provides the corresponding update for Ubuntu 14.04 ESM. it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. Various other issues were also addressed.
39bb858ec4921004263891b18b84c7e30cbaece7168ad65d0909bacbbf72c14eZen Load Balancer version 3.10.1 suffers from a remote code execution vulnerability.
29c20561040a95db93c50db27ac160b719fa168e3166212b7e43c1092858f647This whitepaper is a quick tutorial on pentesting the Zen load balancer.
8ebf09c3635ca8278455d6f94536ff8b1c047cc31e15ee939200ecc06d560253WordPress Event-Registration plugin version 5.43 suffers from an arbitrary file upload vulnerability.
2029bbf836e7de4bb57eb88c7f5f10198718d2552a017080a1b57d33050ff81dDesignMasterEvents CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
68ddabd38ad26973fa944fdad5a667cbba331245d7a590161e74580d356dcbb6Odin Secure FTP Expert version 7.6.3 Site Info denial of service proof of concept exploit.
9237bd29aa749c0ee8fcd4e1c5a083c2943a4774708d940945375839849a0cb5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed