Inateck BCST-60 Barcode Scanner suffers from a keystroke injection vulnerability.
Debian Linux Security Advisory 4578-1 - Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed.
Multiple denial of service vulnerabilities have been discovered and disclosed in the axTLS library versions 2.1.5 and below.
Ubuntu Security Notice 4204-1 - Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.
Debian Linux Security Advisory 4577-1 - Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.
The CBC Gem Android and iOS applications (Android version 9.24.0 and below, iOS version 9.24.0 and below) send potentially sensitive information such as device model and resolution, mobile carrier, days since first use, days since last use, total number of app launches, number of app launches since upgrade, and previous app session length, unencrypted to both first- and third-party sites (Adobe Marketing Cloud, ScorecardResearch).
Ubuntu Security Notice 4203-2 - USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Ubuntu Security Notice 4203-1 - It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2019-4019-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
Red Hat Security Advisory 2019-4018-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
Red Hat Security Advisory 2019-4021-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
Red Hat Security Advisory 2019-4020-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.
Ubuntu Security Notice 4201-1 - It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching, which can lead to unauthorized access. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain HTTP headers. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2019-3978-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2019-3981-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2019-3968-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2019-3976-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. A stack-based buffer over-read was addressed.
Red Hat Security Advisory 2019-3979-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
Red Hat Security Advisory 2019-3967-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
Red Hat Security Advisory 2019-3964-01 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
Debian Linux Security Advisory 4576-1 - An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.
Ubuntu Security Notice 4200-1 - It was discovered that Redmine incorrectly handled certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause an XSS attack. It was discovered that an SQL injection could allow users to access protected information via a crafted object query.
Debian Linux Security Advisory 4575-1 - Several vulnerabilities have been discovered in the chromium web browser.
Anhui Huami Mi Fit Android application versions 4.0.10 and below do not encrypt the connection when checking for an update.