Slackware Security Advisory - New patch packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
9eb9cfbbe11a6420a160a6c790e91163ae73f2e165e76b1dfd042906008e3180The Dell EMC Avamar Installation Manager component, within Dell EMC Avamar Server and Integrated Data Protection Appliance, is affected by a missing access control vulnerability. Dell EMC Avamar Server versions 7.3.1, 7.4.1, 7.50 and Dell EMC Integrated Data Protection Appliance versions 2.0 and 2.1 are affected.
bc0a9071db43bf513962de4bda5906b92686e69bb48f1b92b6901540dcc7b01dUbuntu Security Notice 3596-2 - USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in Unity. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. It was discovered that the fetch API could incorrectly return cached copies of no-store/no-cache resources in some circumstances. A local attacker could potentially exploit this to obtain sensitive information in environments where multiple users share a common profile. Various other issues were also addressed.
e494dec5d0c796d9460535c0b44c093d5932022a735b81473a1415ba41c11a0fRed Hat Security Advisory 2018-0647-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Issues addressed include a buffer overflow vulnerability.
957d86557bc84b1dd2569edbabf90e5edcbf056f4a14134dc33d22a5c8904042The Video Downloader Chrome extension suffers from a universal cross site scripting vulnerability.
b5da74f181d1f9d011fafbb0bdf6621ecd124de93f2688457aaf9d1ad4cce81fUbuntu Security Notice 3619-2 - USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
38b18f0521488f7e9524a5f8e492f7ad41f5c91d876a8aea56b6215d3c63309bDebian Linux Security Advisory 4167-1 - A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.
0593f128371e25d3e867f667d6c7e228ed60a7108583323d3b760e39925a1cd7Cobub Razor version 0.7.2 suffers from a cross site request forgery vulnerability.
0db6915869c7d49a6e5a4a1d751ebde9a62576b44ca5f347ff1ece03c3e9fb20Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability.
bb9d51a2d563f68c1b06acdd86fb3398e16932eeb518fbffe5169b60bd4b3a86LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability.
118abf176aea0790980dec87b92c424f9758c2fd8db35e43bc7364522de3fcfaWhen a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder() does not adequately check that sections are in the correct order when a binary contains custom sections.
15351af9cc68683eec7e8a50927fc26e0ef2b26e642ed477293a4452012a2165Onethink CMS versions released up to date 2018/04/06 suffer from a server-side request forgery vulnerability.
aad2879de55bb8ba9ba5796d011af0f016e871cd9b6bf150c3994af20e87b21e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed