Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
68b47f4ffdc07819c94fbeb47e6d696fbb807757f05ad06fdc02f508ff57c808Red Hat Security Advisory 2019-1234-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.192. Issues addressed include a code execution vulnerability.
1836b28b51a78f63384effdd713d7ca2fd038789bce3b61dc479473235def733RSA NetWitness versions prior to 10.6.6.1 and 11.2.1.1 suffer from an issue where an unauthorized attacker can access an administrative resource that may contain plain text credentials to a 3rd party system.
6d0ceca9c6f8aa7aa412ceb70a08b4ec581622d3527f094633b4cb01c6f8c21dDebian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
d8b699763de9d6f223f90a3cba116541baf7a07ab1db9fea958646ded049c54eLegrand BTicino Driver Manager F454 version 1.0.51 suffers from a cross site scripting vulnerability.
fbc078a721e081caddb995b4c09c32a0b998f14ba9e6cec5aa379d65b6362371Legrand BTicino Driver Manager F454 version 1.0.51 suffers from a cross site request forgery vulnerability.
8a47ad4573868186e71badc2fa544ff1589c987c5eeb00ad7fd3055a7a0b0ab0Ubuntu Security Notice 3983-2 - USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
71e35e54b29a6d6208ed09c73b86ede565c1f67be2f263b26df5e1a5c632a200Ubuntu Security Notice 3981-2 - USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.
cf1d147a8ca174e26d17ced42907db03da00db107fe0eeb5b4c3ac4cf14c1305Red Hat Security Advisory 2019-1205-01 - The rhvm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a CPU related vulnerability.
8b63b6d317c3f44759c839124820cfa676da6495147827ed73ae689d7bb73609FreeBSD Security Advisory - On some Intel processors utilizing speculative execution a local process may be able to infer stale information from microarchitectural buffers to obtain a memory disclosure. An attacker may be able to read secret data from the kernel or from a process when executing untrusted code (for example, in a web browser).
bb1bbf79007ddaee55b83d92fa13bc8a77826384109b261502a3a270db6cf311Ubuntu Security Notice 3982-2 - USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS.
7f0ab914d49be44907db7d6deb1d07b390f4eef72d61bc6b6e4daef2a34a508aFreeBSD Security Advisory - States in pf(4) let ICMP and ICMP6 packets pass if they have a packet in their payload matching an existing condition. pf(4) does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet. A maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable.
5658869886042ac484dc95cb6af84648e15ab1941fc781b833bc4d659efbb67aFreeBSD Security Advisory - A bug in the pf(4) IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filtering rule bypass.
97bbcb3ce672debfe19dd8c848fe63f318427adee581b312031e315e30650a3aUbuntu Security Notice 3980-2 - USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS.
4e7461c438ebdef1b2b7c4b1914afe31f352038acdee164b1ad7feae87945aeaRed Hat Security Advisory 2019-1206-01 - The rhvm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a CPU related vulnerability.
dcccd2047cf68409a14aa5ffc0d6636af6b6b4f47a7213486f082984b1c14ce3DeepSound version 1.0.4 suffers from a remote SQL injection vulnerability.
2f2409b90024327c13fd2c191a2431206f338c384bdcd0671b6c811d7e715a05Ubuntu Security Notice 3984-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
d887c36868a5199126f3215d5a99e588aba4d39b5b188daec42af0327180edc0Debian Linux Security Advisory 4446-1 - It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session.
f9e4831d4e6bfe5319ca46b593f9ccfa8c06f227653e0e99572eea2f6cd66998Ubuntu Security Notice 3981-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
ef3a0e06767d0da7a99a31744e14010e03d289d2f77b7f1770acfff53099bdf1Red Hat Security Advisory 2019-1204-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include a CPU related vulnerability.
d8640815c640a49976789351d98db05a72a7f3fbf746184fc5bfdca1545d154aRed Hat Security Advisory 2019-1207-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a CPU related vulnerability.
15ee2cbf4904c464163b9ac4f61ef46e8bf6e7c991192682795bc01143e91ca1Ubuntu Security Notice 3983-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
61b26600ce9ce07102cbe35238104dd1517eba0488d0987876c066c3c993aa92Ubuntu Security Notice 3982-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
bda0c59c2248097a32e9f52e2e89b146e54e5e803dabd6eff157e1be516797e5Ubuntu Security Notice 3980-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
27fa82e43c03f6a2ef67978f272d0864107e13d76a5ef2e1702474c83dd7ed72Debian Linux Security Advisory 4444-1 - Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to read sensitive information, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.
32cb593a9859d073b4094190c057169111e384c760c76f2c939de88912822548
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed