Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.
2865bdfc703b7d0f9e4183f21398f57ed28f9364149b790650846f15f2d1f767Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
4f37c599f7e8c48194ac0302bb61b5f6a42cf2d6e305b8bd8ec073fdc4f53478Red Hat Security Advisory 2021-1197-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
7e635439f9063bb6410c061409cd77a0be43c5d5eb27cef4c65a641868d49d21Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.
61274f1f45025235aa4f5b093517018fc749ec8ab469618084fac2fa0a8d6fe9HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
41b968222d8773d20c8b3317a23d105cd36326de7b48f2a0ad6dcfe751c1c099Red Hat Security Advisory 2021-1192-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
c948e9ec428568d27a15b05550951abc57ff9feb310c82e6b96d46880c3ddbddURLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
b04745000e2c27fd85f7b6af98bdac81b7d1685da87267fc47adea0735a42b95Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
805fd116b01cb33b9525ec6a734ac818161e1d4d5b49c50e822a0e34a2e417adCITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.
00f310b365d6f28ece51a2b5cc0898ad40ad47859665986ed15f4c8646f0c5ceCITSmart ITSM version 9.1.2.22 suffers from an LDAP injection vulnerability.
97de053873681829149a127423d8ad70cb9b802ae2777d48c6c157dc86463114Red Hat Security Advisory 2021-1193-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
332440aa23616d424274ca68a996e31b6e75368d0d74703d69046824987fb3b4Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
ad61386766366b722b219913b56b8cfa60dfc16f9db363fa82bc4c4108510fb1Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.
4962355bc1a06ada54d7e7c20d668dc1f62d6b693ef0ddb868c0888076f7cf26MariaDB version 10.2 suffers from a command execution vulnerability.
7b600a800323cd1607ef6b3df7b72a4d052811dfd58a08322cad74c0a8fedacfRed Hat Security Advisory 2021-1016-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.37. Issues addressed include a denial of service vulnerability.
16b82a78d6c72a76a7a49de72dd71d48892f5736d9e55a186ac3b89d48670317Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, he HA agent on the source host immediately moved to the state EngineDown, and shorly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.
8c4853f907f45df559cfbcef018d60c5fcb4358ea5aa03417502549b5e324f5eGenexis PLATINUM 4410 version 2.1 P4410-V2-1.28 suffers from a remote command execution vulnerability.
da3a5b768eda92ca4a1de49af219ea2090bddc95e52d6479b4b1e6a84a2910caTrojan.Win32.Jorik.qje malware suffers from an insecure permissions vulnerability.
09e3a37ed0bb4fcf11c4b5370ed5a25c4823e0d3d121466bf91c05554547bdf5Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass and null pointer vulnerabilities.
f0ad367a8dacbe7d3f27ab64c77547cac99e0c6d0fd9dfd325275cc2293a40f3Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.
4c18c1012319e88173dfbea22f337e2c7cfbebdf4b2a56114c37dc6509ff743cDigital Crime Report Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
117f1c801d0b5dca824192ac540a6ec63690601d04d24bd26e93227bde1a1913Red Hat Security Advisory 2021-1190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
b4855587d2c21eaa956921785d37b83cebbf547204ef5645662bbd6c3b731c03Ubuntu Security Notice 4905-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.
4459762b858227b182cf6edf99ec5c603a39341361b44501876cf4e9591de418jQuery version 1.0.3 suffers from a cross site scripting vulnerability.
7ff5c0bf22409a30bef573c9e5485eb91fec6fb5647f3807595a866b12f17491jQuery version 1.2 suffers from a cross site scripting vulnerability.
e46a9bcd5c68212173c90bfe7a472e62486ceae0b3bc203dd6d56f46c93fd2a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed