Ubuntu Security Notice 4156-1 - It was discovered that SDL incorrectly handled certain images. If a user were tricked into opening a crafted image file, a remote attacker could use this issue to cause SDL to crash, resulting in a denial of service, or possibly execute arbitrary code.
2a81788bd74fc01f6a4d87bd4c76e2f5ad2b57cc82073544912e5e453e0b7f9c
Red Hat Security Advisory 2019-3067-01 - Java Security Services provides an interface between Java Virtual Machine and Network Security Services. It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. An implicit trust issue has been addressed.
d0ec640d7850a1859c224dcb835415db37206332e8a01c589d1fc708e6f0e91b
Red Hat Security Advisory 2019-3055-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.
b027026790de1e5b3df9960c8b8f9634c244c64fc94d9cca1b1eec152bf4de1d
Red Hat Security Advisory 2019-3076-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and use-after-free vulnerabilities.
fead7025c4a582d00ff91a7edb01aaff16cd6ed600d6c13699241d8d720209a9
Red Hat Security Advisory 2019-3082-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on WildFly. This asynchronous patch is a security update for the wildfly-core package in Red Hat JBoss Enterprise Application Platform 7.2.
84db3db638978eaf2e7a0357b98d7ed22446b5ceddde8119dfa8b731b022762a
Red Hat Security Advisory 2019-3083-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on WildFly. This asynchronous patch is a security update for the wildfly-core package in Red Hat JBoss Enterprise Application Platform 7.2.
583f4619cbef72b579e03bdcd33486425c3f0693ff702dae6f99d6698ba8b657
Ubuntu Security Notice 4155-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information.
593c7a9968db59d7adfc25cf833f95cab35b4089f8640b3b9c605d8550e20642
Bolt CMS version 3.6.10 suffers from a cross-site request forgery vulnerability.
542707b978972f0d747d6caecd9f18999f07424eb2c9c2fa696a000f8afbe767
sudo version 1.8.28 suffers from a security bypass vulnerability.
ec35a5c3501bc30592776b4e452cfc692b4f63c07d8cfcfbaac9a2658edd5f5a
ActiveFax Server version 6.92 Build 0316 suffers from an ActiveFaxServiceNT unquoted service path vulnerability.
0cccd601b3e92f4da2e0d26b68b0e827391e76a4e3668eed80dbbadf6da3f2c8
Whitepaper that discusses hacking the Sony PlayStation 2 with Yabasic.
a14a8be2940cde824cbb283cda409438d3c54554046b5653892fa56ef8d6ad8f
Debian Linux Security Advisory 4543-1 - Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows running commands as root by specifying the user ID -1 or 4294967295. This could allow a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access.
4971069c0d651dcd9257a909634aa8a058965dd724849b1ac7aaac423b42c35e
Slackware Security Advisory - New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
7b94b505cd8d35e808f3d74558fcd3c8b2ffe7599f1366f78fb4abde60146752
Remote exploit for Podman when configured with Varlink that allows for remote command execution, denial of service, directory traversal, and information disclosure vulnerabilities.
9dade0df8f26903fcb75bd7b183f65c133b07d815d2b11143e1d860fcdd45b69
OpenProject versions 9.0.3 and below and 10.0.1 and below suffer from multiple cross-site scripting vulnerabilities.
27975db18b78df36cf6fd45716d389ffb6c02a0c115be0adaae8b41026649331
Red Hat Security Advisory 2019-3050-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.
74c31beb9387ce733882cb7dd37d5042f66b5f7eaf20f14bda92d947ec6064bb
Red Hat Security Advisory 2019-3049-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. These packages provide security updates to adapters for use with Red Hat Single Sign-On 7.3.4 for Red Hat JBoss Enterprise Application Platform 7.2. An adapter endpoint exposure issue has been addressed.
3f2437905523b998f0a867eeca81792278137ece7f9f1b31003e51757269b873
Red Hat Security Advisory 2019-3041-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.1 release. Issues addressed include a denial of service vulnerability.
097e4aeccf134590f368115ab1b4dc8ab7479fb04038e252d395e22509b49112
Ubuntu Security Notice 4154-1 - Joe Vennix discovered that Sudo incorrectly handled certain user IDs. An attacker could potentially exploit this to execute arbitrary commands as the root user.
d95c55d5a4932a56de956ece1b1935d2931d0e5552d36318a2f7b4c3658fe3f2