Red Hat Security Advisory 2021-4000-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a bypass vulnerability.
687e6d95703af3939c1fbae107846e79e2e06ca26cf7b539e366f8c2efeaba20
Ubuntu Security Notice 5009-2 - USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that libslirp incorrectly handled certain UDP packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. Various other issues were also addressed.
ce2d0a6dc03321b336b8d36625c5af6aa5d68903590a8cebdd7bc1782ec28808
Ultimate POS version 4.4 suffers from a cross site scripting vulnerability.
caa1edeed640ae5247dc146dd676283c8f8a10a41349ea5caba714d220ae28d9
Red Hat Security Advisory 2021-3934-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.4.
c9fefd08b413fbd1560d4381e2c83d7bbf71bad6cf200e759e18382d7a622393
Linux suffers from a use-after-free read in the SELinux handler for PTRACE_TRACEME.
796440de4a29bc2603d127196092fc9ccdd7e9044bbb208b4660cc96ceeb0dcd
Vanguard version 2.1 suffers from a cross site scripting vulnerability via a POST.
c8a95c1fe3589b612ff61bed8f1ac65c3793a6c3766a84c01ecc4a577ed87202
Isshue Shopping Cart version 3.5 suffers from a persistent cross site scripting vulnerability.
c22a2fbb3b9c2e055b4190509398a817b01884a718a4fad1ac7c312dbd290438
Red Hat Security Advisory 2021-3988-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
3592a5f96e168b27439ed817a119e661b8e56fb9b3e67e317e664cf1e54d7a21
PHP Melody version 3.0 suffers from a persistent cross site scripting vulnerability in the submitted parameter.
d8424f13bf37202777c8eb39eb7a79e51aa9c46542daba76a837a1ca38f165f0
PHP Melody version 3.0 suffers from a persistent Editor related cross site scripting vulnerability.
6bb5bbdf231880521cf18c8f89f764960fffc82c9d3d1b06d609d2a729cad944
PHP Melody version 3.0 suffers from a remote SQL injection vulnerability.
285af7fc9520b839fdd7b3c657b0b5f5fd716706d49dd396985913c31013892f
PHP Melody version 3.0 suffers from multiple cross site scripting vulnerabilities.
de42b1c089fe9f82885b96c66647ddbe7e82b5ae1d1bc9f46835382877a20f27
SPA Cart CMS version 2021 suffers from a remote SQL injection vulnerability.
8677253bbca965d67167f03bb76f4c5490fdfaea812b1dd1b17e21d478fcdb05
Ubuntu Security Notice 5122-2 - USN-5122-1 fixed a vulnerability in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. On Ubuntu 16.04 ESM, this update will cause Apport to generate all core files in the /var/lib/apport/coredump directory. On Ubuntu 14.04 ESM, core file generation has been disabled by default. Various other issues were also addressed.
325ab1b05f68b56ca7773090ef4cb0d400ffa05037daa978e667d2b24ebf0d22
Red Hat Security Advisory 2021-3987-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
040e54ee516bb6e095dc679de0b614bf50bed500cad2c65a61b6b447e5285956
Whitepaper called Analyzing Java Heap Dumps.
54d081d0cf45414725ec543774d445e3b65c9e6d220fd49ee159cc2f879bce53
Ubuntu Security Notice 5124-1 - It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug sections. An attacker could possibly use this issue to cause GNU binutils to consume memory, resulting in a denial of service. Various other issues were also addressed.
df287a7526a8c70c62b65f6a2e768315dbf839f82c15f2528f55fef66be08ce9
BMW Online appears to allow script insertion that can get embedded into emails.
3b48b83e610eab38753e7d2d72c3832931bef96aa09124520a49777579651a7b
Mult-e-Cart Ultimate version 2.4 suffers from a remote SQL injection vulnerability.
127bcdef22032ff269f362edbfdcc2784e1294b26a77d60313474339ed1d1e7e
Red Hat Security Advisory 2021-3982-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
ae1df85e29296081ae5c37d1d0290ca751c28339cafb9442d23a2dd976a9dbe0
Sonicwall SonicOS version 6.5.4 suffers from a client-side cross site scripting vulnerability.
ad9c3c5905467f4066e4825b378cb9e07835f84648133da9f5537f3d3ce96cc5
WordPress Filterable Portfolio Gallery plugin version 1.0 suffers from a persistent cross site scripting vulnerability.
e1bc231fb2815a49e277666694a00e68cbd7b323a4ca7b7ea8ef910933bc0e4d
Simplephpscripts Simple CMS version 2.1 suffers from a remote SQL injection vulnerability.
3dd290dd0e7cb58abc5ee831fba8a25c4c9310da73ea18c7684aef03db1009aa
Simplephpscripts Simple CMS version 2.1 suffers from a persistent cross site scripting vulnerability.
a7020213ba3fb2f8c136b9681a30b78f94e89f8f2153a32c18cb53c6d1ef9980
Simplephpscripts Simple CMS version 2.1 suffers from multiple cross site scripting vulnerabilities.
f154c9c368765c769d5d0ccd4a59358723a158500b7fc185d7cdcd70e815ebd1