Grub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.
8b02b403cb65d197b55d479f14ebd82a934af9eca331f69bc357e66acc8a31b2
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
c8f8b030751ee35087e8fa264cc37a0d325186c0e8e6eee9eed0686115ddc0a4
Red Hat Security Advisory 2019-4019-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
77fa65a96baf59af0b8d531b976dca7bd2a1955703ee9de2463044589dae5a5e
Red Hat Security Advisory 2019-4018-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
ffe3f5988be6dd7a943f7be36a8d49a6410ecc07b452747fa50d6382976ff83a
The vulnerability allows rescaling and corrupting the Xiaomi Mi Box (model: MIBOX3, build.id : MHC19) display without any privilege requirement, thus creating an opportunity for a non-privilege malicious app to disable the basic functionalities that the TV box is offering or can even be used for ransomware purpose - e.g., each time a target streaming app is launched, the malicious app can corrupt the display.
e3d8df083eeb13cc51a2757aa687d0e3a726620f82fe26776aef9ee56634e546
B-Sides Ljubljana will be held April 4th, 2020 in Ljubljana, Slovenia.
e59afcb2a6860a3b97af31c75aff21ad03698f1084108171bbd8a64d30fb7939
Red Hat Security Advisory 2019-4021-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
0722e12f5fc13d3dca84d18ffee8fd509dbd0efd0904fc31534cd18260a15f5d
Red Hat Security Advisory 2019-4020-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.
73f3bff9f1fe90e77f6f4781409305530671950778c27d425306cc58a81efb24
A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.
deb671a58483113fa01c7556131f6c1924fc8c60528a056679836812d446ff89
SpotAuditor version 5.3.2 suffers from a denial of service vulnerability.
978407ee340b95fa4b09bb3152f890d72c691b862c9c74423625ff1e758deb66
Microsoft DirectX SDK 2010 suffers from a denial of service vulnerability.
85027970bc8614d80e0b59ffa521da2a5836108f419a2d1d1b4fcdf99ed64c0a