Ubuntu Security Notice 3805-2 - USN-3805-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Brian Carpenter discovered that the curl command-line tool incorrectly handled error messages. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.
35d25f9232b841e63a7b4d0ebceb8103967774d6ded9953dc4c4a7ebc1414ddb
Debian Linux Security Advisory 4331-1 - Two vulnerabilities were discovered in cURL, an URL transfer library.
e4ffca0478e4be4c0b90134f934441cb4379f22ee99443a26e86fee8f3061def
This is a proof of concept exploit of the PortSmash micro-architecture vulnerability that makes use of an SMT side-channel attack.
883afbc344f3891cddcec8777cf2e0d9c121b4315090fae51c38ec879915df0e
Debian Linux Security Advisory 4330-1 - Several vulnerabilities have been discovered in the chromium web browser.
3ac250c0340e7fb6addf232c7ac0a47f620f98738020bfcfc00e1b0bce9b87ff
Red Hat Security Advisory 2018-3456-01 - The RHN service for Satellite 5.7, 5.6, and earlier versions of Satellite 5 will exit the existing Limited Maintenance Release phase and be permanently shut down on January 31, 2019. After this date, for the affected Satellite 5 versions: No content will be available from RHN. Both system level updates and channel synchronization will be stopped as a result - No Satellite certificates for these versions will be generated or provided for these EOL product versions.
774f9dac8bd62998a01b4069313a72882f0ace8c069655ee62959c51d600d112
Yot CMS version 3.3.1 suffers from a remote SQL injection vulnerability.
3d202aaac67a542d72899cc477b52be7a0403451a4478d063d996da0160cbb6a
Gate Pass Management System version 2.1 suffers from a remote SQL injection vulnerability.
9ebda8585ac47973bc8b09ac60f5bd282af71d758bfa2e94797f7f8fba066b3b
Zint Barcode Generator version 2.6 suffers from a denial of service vulnerability.
683be83a533223f6e9368cef34e66436f6a0d6d41a1a71886439ed6863f01116
CdCatalog version 2.3.1 suffers from a denial of service vulnerability.
f3ab15d299f4ecfa16482d6d013fa7be0b41ff38823c7a83a71b2ae042398719
Loadbalancer.org Enterprise VA MAX versions prior to 8.3.3 suffer from a cross site scripting vulnerability.
91e9e804524cca532f6c32000c99a66127e5ca71868fd68cadd72082ad0a483f
WinMTR version 0.91 suffers from a denial of service vulnerability.
ca18aeb8c4c9d13d39f0e422efe3bbb650a8b686723ba146b6210f8b9314c680
qdPM version 9.1 suffers from a remote SQL injection vulnerability.
be69d3f7d431d0964e2a89d2816659a6ff6ada3a67cd1457bb1166a6bd28d33d
Jelastic version 5.4 suffers from a remote SQL injection vulnerability.
e93389ea65b1b47c5b499df481c4e0875405b347f6542a73933ae88f3177783b
Royal TS/X suffer from an information disclosure vulnerability. Versions that addressed this issue are Royal TSX (for macOS) 3.3.1 released on 2018-09-13 and Royal TS (for Windows) 4.3.60728 released on 2018-07-28.
30a8f68202f76aee408d4e0297fef81078061740a46cf53f71a7a86a80ac013a
Fantastic Blog CMS version 1.0 suffers from a remote SQL injection vulnerability.
eac0885cd08061daf8d1734e9359b4c65047b74f9a451e91b9483e17970d287e