Red Hat Security Advisory 2021-3392-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
e47e4d14b0ae67db04fbc7a20104b0f0cc8692caeb479fc8e354bfa4116f4881
Ubuntu Security Notice 5058-1 - It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
d439dc830ff759d365c01af29919212afc94c2f9e8414adca8c017e63f81126f
Red Hat Security Advisory 2021-3381-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
64ce0e25045c339f14c4a8015442e0483e1eed693fd40f56c2b86d3191f7fd92
Red Hat Security Advisory 2021-3366-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a crlf injection vulnerability.
510340d830e021ea7bc5ad295e4ef03442c4d6577a6b00cde3a476a7d1655aeb
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
9020396ff933693e310b479b641e86f1783d9819d60d1d907752ad8d24a60c31
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
be6abeca5ab5b06a17850c69e954e7124d91ecdb5844b75e4df548158cbc9514
Red Hat Security Advisory 2021-3363-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
1f8f21e611320f4e79e73a3064cf1dab34e3b8f319ead8c25c286bd61668aeb0
Red Hat Security Advisory 2021-3365-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.
78001f6c9639c547e5c02f6d2d0eb6af89b0679a44464bb574d3fe49f62bc0e8
Red Hat Security Advisory 2021-3364-01 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include information leakage and privilege escalation vulnerabilities.
8be2838ca9398ff6abce781afdf077560075df20b0847d6a508d16dcc44b1757
Ubuntu Security Notice 5057-1 - Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.
fc68e85943f3093a413a6734ddf00fce253b4a9090f9a1fe4c489107c28a5335
Ubuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.
70d6543ac9f81870c4535f25be6f6b04322fedfa864ce47348fe2904ac701203
Ubuntu Security Notice 5056-1 - It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
5abb082578b725492a47ce38729a9b78f76731afd77f35cb2360e59bf9790be3
BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.
49197fb2cfb022676fde90bcac4d9316f667e46b26bff72013da082a88e9e04f
BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an XML tag injection vulnerability.
0c56c88ea69c8de1bff4db2aee1d3ede8a753424e728d03ae82775f025eaea03
Red Hat Security Advisory 2021-3327-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
b20ba2534d111110aaf1bd0add4dc3ab65b04821835470cce71af9635bd44116
Backdoor.Win32.Hupigon.aejq malware suffers from a traversal vulnerability.
11b3b0952584c5f99c0df4ddd7b8b6e771a3bdab508ca14fadae5640d3a5dc3f
Backdoor.Win32.Hupigon.aejq malware suffers from a man-in-the-middle vulnerability.
6515f7b9f9c5399c19813559ecb345dab2ea9b3fe486bd17c53628d2ab6371f3
Backdoor.Win32.Hupigon.aejq malware suffers from bypass and code execution vulnerabilities.
948f5f0c7f28c2b0b82dc92a672391a300526cc69a9fd8dc43fa4dfc4f88783a
This is an LLVM based tool to audit Linux kernel module security using both pointer and taint analyses that are flow-sensitive, context-sensitive, and fieldsensitive on kernel drivers. It is port of Dr. Checker.
1fd358d47de323bd7dadfb4148d4c52f11fe6a9eca3e9dbc43431082fd5c62a9
Backdoor.Win32.BO2K.11.d malware suffers from a buffer overflow vulnerability.
42598038ae754d2698dc25471a6b3ccc010ee8c61db15312c3865ce62639d9f0
Red Hat Security Advisory 2021-3328-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
4f52d608a26aeced8b46022c6a00a641c50b6115116bab7260c93d4977dbab6a
Red Hat Security Advisory 2021-3325-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
00047b24e87b3eaf6b4ca496d3d25dd3173b92f455ce2b9b385616a1bf9a6f89
Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.
e98b3afb62859d7020a7dd7d9fa1db727066effb6fcaf6be5eb8fbff19874b9d
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
cc636d6e22a673993d94814c09be469df2ce27a0c66b1cab39bbab1786cf2184
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
fe550981d370abfa0a29671346cc0b038229a9bd90b239eab0f01f12212df618