ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.
a74ee77c3a8b2d9ab83e77f615b3071a6cc144c023da9a75623333ac3f51c030
Rocket.Chat versions 3.7.1 and below suffer from an email address enumeration vulnerability.
023ad89f274a1ee4b96e849967a0021876dca5479963125bc3acb45d9a8cf6fa
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
d2893751e2d78e0c1ab253cef0e982bb84703c8edf2b11be60617894e299e2d1
Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.
5e5468067fc35516788b52ac2a4e75207c4c6d4b1f0ea93176e970b293daf7d6
Dovecot versions 2.3.11 through 2.3.11.3 suffer from a denial of service condition related to MIME parsing.
3eac47b5a5d3ef5ce3b165410088b1db4617e678b8f7dc67fe4f1fd3152672a4
Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
5af732fb2ce6f70ae324866684e4024144404b6a5a8dcb452f1c2ceab674d105
Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.
00690d662f63cb5df2b3e3f8052cb8a550665941724b83e5d503321321d59e59
Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.
0eedf8f4170c8aae566341941ab434d40397be650853f9ac4dc11e8f311c705a
Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.
5a8af553d669a8f417b0e9bf9c65d2e5f4d24d7c4328c679427e9e19869aca54
Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
d62f7b2d95fb6d98ce5816e61996fe9b14cfa59e2f45979a141c8296b5ad26ae
Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.
d8b1ad15495ef283352b6263e8b025b0ccf7349179f8c4e37eb756adbe9fb845
H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a Java class without needing to use the Java Compiler.
8c32746a6cf9be833e68c6b86a98feaea801217d883850845670c99360385e63
Gitea version 1.7.5 suffers from a remote code execution vulnerability.
1544539ce83b000103667a0a303a81c41b8f6cf76dba3ecfa900b7f4f6a20f7f
PaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.
28348cc78dc388c9a87f5713f56eec3911b65f88876efe3212b98acd43384138