ZTE Mobile Hotspot MS910S version DL_MF910S_CN_EUV1.00.01 suffers from a hard-coded administrative password, busybox vulnerabilities, and a known backdoor in the GoAhead webserver.
4f066c4a8cdc5c194bf13e721d902a077e402bf503eb72e35b7aa253ae12cbc4
Eikon Thomson Reuters version 4.0.42144 suffers from a weak permissions issue that can lead to code execution.
cefd3a573b7ca1df14112830ceb07fbac0edea5f7fa5c698ca9c4056ae2633cc
Ubuntu Security Notice 4477-1 - Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. Various other issues were also addressed.
e30d35415018b5770194d1b9730378b888542946cf0e323dd1be4b7182755fd8
Ubuntu Security Notice 4476-1 - It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information.
0cb861156c6c38c6bee4357a5840c4d3a167d2d9e2279055d791e5de14791c64
Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.
180aa53cbca05482454904febdf9c008320039952a59725600229f347d9d9357
Mida eFramework version 2.9.0 suffers from a remote code execution vulnerability.
1d91860562323de0b96d48e3fab2bd5c3cff83336de0debd04431d028e64421a
ASX to MP3 Converter version 3.1.3.7.2010.11.05 .wax local buffer overflow proof of concept exploit with DEP and ASLR bypass.
7f84c77ff7d0602ebf55956621de4d05257783b831769bc70810340d9c65606b
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
7c1370565e1910b9d8c4e0fb57b9de34aa062ec7bb91abad5803d791f38d855b
Ubuntu Security Notice 4475-1 - It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or expose sensitive information.
2ba66b15a770c05e43d566a989f725061971e35aa3b6b84c1c86873791eeb251
Ubuntu Security Notice 4446-2 - USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. Jeriko One discovered that Squid incorrectly handled URL decoding. A remote attacker could possibly use this issue to bypass certain rule checks. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled input validation. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.
be7270eca51d9106f34f71c4e2558648d8f85a5fc7f6800b486c696796ffa772
Gentoo Linux Security Advisory 202008-16 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.12.0 are affected.
c474d40ff712accf1513fe181cb940306656297f6cb3abadea7fc678d95faed8
Gentoo Linux Security Advisory 202008-15 - A flaw in Docker allowed possible information leakage. Versions less than 19.03.12 are affected.
e644d995ae441f4c24164f26fe3d2966d0636123a2802291141857a55dfe8a2e
Red Hat Security Advisory 2020-3541-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. The Matrix Project is a module which handles creating Jenkins multi-configuration projects. Matrix Authorization allows configuring the lowest level permissions, such as starting new builds, configuring items, or deleting them, individually. Python-RSA is an RSA implementation in Python. It can be used as a Python library as well as a command-line utility. Ansible is an SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.
42d044757ced55aee7edf9844bfad23fe95bf3c3141361f974b7050950a43c55
Gentoo Linux Security Advisory 202008-14 - A vulnerability in Wireshark could lead to a Denial of Service condition. Versions less than 3.2.6 are affected.
1e745d3f44450ee5f3ff173318a642583a2f861a43f9f1ec7f4117a0f3560687
Gentoo Linux Security Advisory 202008-13 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in privilege escalation. Versions less than 9.5.23:9.5 are affected.
b9ffeb065fa475ec938af85e828054d7d90b5d9a9259663a3d565b3d3bc786a1
Gentoo Linux Security Advisory 202008-12 - Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation. Versions less than 5.8.1_pre1 are affected.
47b590361046f370f06a09b89dcc673424b68229c00713f89dedeb4d3d77f993
Gentoo Linux Security Advisory 202008-11 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.83 are affected.
945bfec750bf63585fac49eee7a83a14fbd13374349c8480dfe005be75d41814
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
dbccada6a353b54ceb844fe8cb0912c0363375a2f57214d23fcf463c4e6d2c4f
Debian Linux Security Advisory 4751-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache, which could result in request splitting, request smuggling (leading to cache poisoning) and denial of service when processing crafted cache digest response messages.
3753426127834c4951d974e752f420e15ee85396cc43dfb685e0906f69a54744