Vulnerability - PacketStorm

Red Hat Security Advisory 2019-1580-01

3 days 14 hours ago
Red Hat Security Advisory 2019-1580-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. File read and write along with command execution vulnerabilities were addressed.

Red Hat Security Advisory 2019-1579-01

3 days 14 hours ago
Red Hat Security Advisory 2019-1579-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. File read and write along with command execution vulnerabilities were addressed.

Ubuntu Security Notice USN-4019-2

4 days 9 hours ago
Ubuntu Security Notice 4019-2 - USN-4019-1 fixed several vulnerabilities in sqlite3. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Various other issues were also addressed.

Red Hat Security Advisory 2019-1545-01

4 days 15 hours ago
Red Hat Security Advisory 2019-1545-01 - This release of Red Hat Fuse 7.3.1 serves as a replacement for Red Hat Fuse 7.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.

Red Hat Security Advisory 2019-1543-01

4 days 15 hours ago
Red Hat Security Advisory 2019-1543-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

Linux / FreeBSD TCP-Based Denial Of Service

5 days 17 hours ago
Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed _"SACK Panic_," allows a remotely-triggered kernel panic on recent Linux kernels. There are patches that address most of these vulnerabilities. If patches can not be applied, certain mitigations will be effective.

Ubuntu Security Notice USN-4017-2

5 days 17 hours ago
Ubuntu Security Notice 4017-2 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment sequences. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

Red Hat Security Advisory 2019-1480-01

5 days 17 hours ago
Red Hat Security Advisory 2019-1480-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and null pointer vulnerabilities.

Ubuntu Security Notice USN-3991-3

6 days 15 hours ago
Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.

Debian Security Advisory 4463-1

6 days 16 hours ago
Debian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).

Java Card Proof Of Concepts

1 week 2 days ago
Security Explorations has discovered multiple security vulnerabilities in the reference implementation of Java Card technology from Oracle used in financial, government, transportation and telecommunication sectors among others. As for the impact, the vulnerabilities found make it possible to break memory safety of the underlying Java Card VM. As a result, full access to smartcard memory could be achieved, applet firewall could be broken or native code execution could be gained. This archive contains the proof of concept code that demonstrates these vulnerabilities which were originally made public in March of 2019.
Checked
30 minutes 1 second ago
Vulnerability - PacketStorm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Subscribe to Vulnerability - PacketStorm feed