TAO Open Source Assessment Platform version 3.3.0 RC2 suffers from multiple cross-site scripting vulnerabilities.
84a4363ff838ac329c2aa50639312beab5e73c9771b2a3f2ab6b835582fbe6da
Ubuntu Security Notice 4322-1 - It was discovered that GnuTLS incorrectly handled randomness when performing DTLS negotiation. A remote attacker could possibly use this issue to obtain sensitive information, contrary to expectations.
c604a08916d7c999df08f4add90fbb8f80320cec8e486ecca95ea437bf557f3b
Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.
c9a77bbf4ba5eff67132a363b838be50e5f09b3583428979136412710a2be6be
Red Hat Security Advisory 2020-1360-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an out of bounds access vulnerability.
055cbce2dabffe9c7cbe9225190e8e49f576d6f13d9ea30573b640b26e72259a
Ubuntu Security Notice 4321-1 - Felix Wilhelm discovered that HAProxy incorrectly handled certain HTTP/2 requests. An attacker could possibly use this to execute arbitrary code.
04bd7b9ca73f4b44ae8593cedd0d89f713e03204ec70e2369076561a95f7bd14
Red Hat Security Advisory 2020-1276-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a memory exhaustion vulnerability.
2e4e492cf3856629ee23187a4a3c0348ca5cd22316a832ef78e752364c6c7a66
Red Hat Security Advisory 2020-1372-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
a04c29f98ecd4f58ca929d04012292b857a4fa7327eaf221c35284032c32c73b
Red Hat Security Advisory 2020-1349-01 - The krb5-appl packages contain Kerberos-aware versions of telnet, ftp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center. Issues addressed include a code execution vulnerability.
517246f6208e49d3b7b552ee8f7134602c4ebb211ece26cd9295bc43734d3997
Red Hat Security Advisory 2020-1379-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an out of bounds access vulnerability.
47febdee0362fc180a5203915dbf3943f4e82b3eefcb10196c40be3e44e251bc
Red Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.
abab3af6ab91cddd444c056748413aea3ec3b5bb4f82fbfbdf5428e6961aab58
Red Hat Security Advisory 2020-1350-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.162. Issues addressed include a buffer overflow vulnerability.
13001b830806894a2b03b9620ada98a320fa3858dabdfddf345b6ef1d0c53433
Red Hat Security Advisory 2020-1378-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
11e19660622c2923841a6028f831bae64b0528de25caa79a4a3bcd8855b9cad8
Red Hat Security Advisory 2020-1351-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
3021f0047dbd6e4ea1771ecc9ae7f6acbba1eeefae5a9383a628b427fcf92d3b
Red Hat Security Advisory 2020-1345-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.
d852834b4835e74d1e0d4154ee53eff6902a40b19a727bd5211d084bed71c503
Red Hat Security Advisory 2020-1346-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
214f2f6e6d5aaafa4d2104aef7abb772d7a90dbdd57dda1cd516c8b7253b9d4b
Red Hat Security Advisory 2020-1347-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.
bfd5311bbf07102be9eb6e46f1fee45e10a39abc291910e523e3744966eb1687
Red Hat Security Advisory 2020-1353-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.
de8470039a03cb69ff3cdff960e6e77e398728349600e3e657dd13048a3c0db1
Red Hat Security Advisory 2020-1338-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.1 ESR. Issues addressed include a use-after-free vulnerability.
228a05c203332c82401d9060dd35ef656f4801e462fcd5cff15f07ea061caf0d
Red Hat Security Advisory 2020-1339-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.1 ESR. Issues addressed include a use-after-free vulnerability.
7aed0fce6358da0f568a3a7f37e0165251908712f62c81cd7ec8bea5e2f46304
Red Hat Security Advisory 2020-1341-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.1 ESR. Issues addressed include a use-after-free vulnerability.
aa552207b45074c468ede186fcc63da9b3ee5bce8d39579c2648ca172d16f838
Red Hat Security Advisory 2020-1343-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an integer overflow vulnerability.
f4fc046e956948e211d1369451a73d1dbfc1a2c45edc63aeed59271cd4d822c8
Red Hat Security Advisory 2020-1344-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.
0c7f50c74ac929f991bc9a8ff68ca395af16822e4c5e213fe6659c9bc038c831
Red Hat Security Advisory 2020-1340-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.1 ESR. Issues addressed include a use-after-free vulnerability.
196b8daee3c9c317fb78698178b4eb66a385b76bd319714384904a56c14c6763
Red Hat Security Advisory 2020-1342-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Issues addressed include a code execution vulnerability.
665bf93f9dd8aa1e66f6587c1d4d83d180b081436b8c00cd8e753df4cc96f3ba
Ubuntu Security Notice 4320-1 - Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
1e4eb7a32a0e797aa6719009ac4c340dd14a3f00572ec494464c8e1f6347835b