Red Hat Security Advisory 2020-0310-01 - Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Issues addressed include a deserialization vulnerability.
0e259ef4f49a543084a24dec33476a00eb4a4768db21c808939c1f234914f2abUbuntu Security Notice 4262-1 - Daniel Preussker discovered that OpenStack Keystone incorrectly handled the list credentials API. A user with a role on the project could use this issue to view any other user's credentials.
d08410626ee722a2245fd4e1c50b7b76472e8ac15b9df8d7edb8839823169ff0Red Hat Security Advisory 2020-0296-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.
e2a9d3380368d436b68b17897578d1d7b594dc48bbd96403c5d2eaba16418482Red Hat Security Advisory 2020-0295-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
d61870d2a6e54f89808b2e671efa2c80f13f4beb92cbeaed3dce30408f198d5aRed Hat Security Advisory 2020-0293-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include a buffer overflow vulnerability.
73f9a1527be9f035240daf9623c9961fd51e036f1e2661961914b625b5aa37c0Red Hat Security Advisory 2020-0291-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
d45eb3ce5260554660bd8b280dddf7c95ef05a97782b5da4347e3421fc10cdd7Red Hat Security Advisory 2020-0292-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.4.1. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
62d0a879d8d04aa9483212373ce7c5d68d507752d65354fd939df215309c87f2Debian Linux Security Advisory 4610-1 - Multiple code execution vulnerabilities have been addressed in the webkit2gtk web engine.
b72fff7e1e706fc40373f9789f0230cfdf746cfdb51cbfc6194e3a233f5e7081Apple Security Advisory 2020-1-29-1 - iCloud for Windows 7.17 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
5f4d60bc66dce9f0be786bc027fcc7c52455ed33a00cdb73bd7ad2d31cf7c2e4Apple Security Advisory 2020-1-29-2 - iCloud for Windows 10.9.2 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
99e8e80432459a94b02cf3052c928d0094dfda3ef2f7828340629294beb8f50bDebian Linux Security Advisory 4611-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses which could result in the execution of arbitrary commands as root. In addition this update fixes a denial of service by triggering an opportunistic TLS downgrade.
b13a8757f4f9e0b2f590ed0cdbe4d23e4718fa37e2ea6ca4ed4d48c3bfa33f2aUbuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
c0cae97b6844e451bee938768b445c5af8fef387f98dc53a5b4ea8fcae469fa0Ubuntu Security Notice 4259-1 - Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code.
3931c673f360301aa8f26e6e66ddaed7522a4f3629ff128ef0db01f1b7edb518571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode.
a068c7e3daa600ac751e275e9f857994e6ea8a69b04243dda2a23d6d42f2ea2dThe fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient.
b9b4e23fba87a6da6a86f939c567edd6b4d826078dea81dcf76c39a0ac44882cWhitepaper called Hunting Process Injection By Windows API Calls.
76914e883ee1f18d0b436c8b308d989b0609b629b9bc4ba002930ed7c74b3d26rConfig version 3.9.3 suffers from an authenticated remote code execution vulnerability.
0f26c86a269bf983f144de86b9776ac084b92fb228ce91852dc3bc38419b270eOpenSMTPD version 6.6.2 remote code execution exploit.
abe43f7110bb331986cc5d9ed522108c73061ac20671c668b7da6fcdfb9996c1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed