Gentoo Linux Security Advisory 202009-15 - A buffer overflow in libuv might allow remote attacker(s) to execute arbitrary code. Versions less than 1.39.0 are affected.
5d24f84c7a8f8f467c0da7efcd97c914d39ed462331f94a15fddb75a1171c3a8Gentoo Linux Security Advisory 202009-13 - Multiple vulnerabilities have been found in Chromiun and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.121 are affected.
463afff7d60b67e1aa786343189b0c4a7af82b521f5ecd892705d4bb712a27adUbuntu Security Notice 4556-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. Various other issues were also addressed.
6263ee9cfe8c1c94cb907772cb2c16323c8cab8a75d3c7cb14bcd598f359e2ecRed Hat Security Advisory 2020-4052-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
5879c58a315f79727db66564c97bd229a8c6135d02f6485d0062560ae1ffdf06CloudMe version 1.11.2 exploit that uses MSVCRT.System to create a new user (boku:0v3R9000!) and add the new user to the Administrators group. A requirement of successful exploitation is the CloudMe.exe process must be running as administrator.
fa72c3ffb403b1cf08f01966de80e025ee648636329bef78008faa0a5aee32e9Red Hat Security Advisory 2020-4059-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include information leakage and out of bounds read vulnerabilities.
bb7e50754ef13c63d0d79784da94ea537924e0c05444587fe255ffe2b9a39eb7Red Hat Security Advisory 2020-4047-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.
6e03753668b59c2fd6efddbe367fc7d6ed1f890a00a0ab85094a2fb9526aa472Red Hat Security Advisory 2020-4051-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
81e50fd243a5527daa74fa67a26fdbdaead211e50bc5fb3b478621dc193a4cf3Red Hat Security Advisory 2020-4050-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
36c20c0186d0f1747a648f97dc0878abbebc3f44770fa0dc5d56d3da32daa11dRed Hat Security Advisory 2020-4049-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
7a68c4853f9749ddce3f5e9e5f1c62b8ed08644b3dd3b70f2c72551e5548acf7Red Hat Security Advisory 2020-4048-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
b477c1481b6cd1a44cf4ab23f65c4a25455ce7c97bc3859bd20d47d5f171d107Red Hat Security Advisory 2020-4055-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
f213a8b90f7f75cddbade1b919a20856fd33b2334cae04e2a29708e505e4eeb9Red Hat Security Advisory 2020-4058-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
08b427a0be090fc0d0291ec3ec0ca9789443a06d575ba16f1351301624f50c16Red Hat Security Advisory 2020-4054-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
181d4af2ff5d4650088bf1fafcf34543c338ae29a8e9e5d228844bb68d843e99Ubuntu Security Notice 4547-2 - It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.
4bf85e1a63ebda1bdcd86e27bfb44045dcceed35e87fd52d303b59fa7afd96d3Mida eFramework version 2.8.9 suffers from a remote code execution vulnerability.
c8c3442a86453108afc78a8c318c4066965ecee2291d2821b49be30d0944428dJoplin version 1.0.245 suffers from a cross site scripting vulnerability that can lead to allowing for remote code execution.
31ca9b8599ce9c83932797054a4edb9d935327170c17b0b17e8f585827a0591eUbuntu Security Notice 4554-1 - It was discovered that libPGF lacked proper validation when opening a specially crafted PGF file. An attacker could possibly use this issue to cause a denial of service.
6d5153e654756beff626ad2eb82d2e791ca48f621d8dfcfb3cc42c74a5783dafUbuntu Security Notice 4553-1 - It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash.
7a11e879569425a13eec2e1f66923bcca40e224fecf7d9534d42ffdbc14b6970Ubuntu Security Notice 4552-1 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.
15615425af77cbc41f0d9e94f0ad4a8524f300eabfc6621848fb8b81998123a7Ubuntu Security Notice 4550-1 - Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host.
d8af98378677f0c95696fed25979abbe5c17bc959e6fb291f1db9dd93bd3a233Ubuntu Security Notice 4551-1 - Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Various other issues were also addressed.
9e92ebd0c9f2c2349eaed8ad48b4f324787d866a46db0c2c35da9b6a79c5a38fUbuntu Security Notice 4547-1 - It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
e4c50aa2b1573b7262150b8b4b002ebcb5cceb0ae668df08c6e6bc1f95f45750Ubuntu Security Notice 4548-1 - It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
d01405ec577f0b65154300bc1671139dba5d4bdca797c3c731f81314edda4412Ubuntu Security Notice 4549-1 - It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact.
f991989eee76f3bc6a01074eab8c20a59c3449a03c65cbcbe08ec8104ca8604a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed