Red Hat Security Advisory 2020-0310-01 - Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Issues addressed include a deserialization vulnerability.
0e259ef4f49a543084a24dec33476a00eb4a4768db21c808939c1f234914f2ab
Ubuntu Security Notice 4262-1 - Daniel Preussker discovered that OpenStack Keystone incorrectly handled the list credentials API. A user with a role on the project could use this issue to view any other user's credentials.
d08410626ee722a2245fd4e1c50b7b76472e8ac15b9df8d7edb8839823169ff0
Red Hat Security Advisory 2020-0296-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.
e2a9d3380368d436b68b17897578d1d7b594dc48bbd96403c5d2eaba16418482
Red Hat Security Advisory 2020-0295-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
d61870d2a6e54f89808b2e671efa2c80f13f4beb92cbeaed3dce30408f198d5a
Red Hat Security Advisory 2020-0293-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include a buffer overflow vulnerability.
73f9a1527be9f035240daf9623c9961fd51e036f1e2661961914b625b5aa37c0
Red Hat Security Advisory 2020-0291-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
d45eb3ce5260554660bd8b280dddf7c95ef05a97782b5da4347e3421fc10cdd7
Red Hat Security Advisory 2020-0292-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.4.1. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
62d0a879d8d04aa9483212373ce7c5d68d507752d65354fd939df215309c87f2
Debian Linux Security Advisory 4610-1 - Multiple code execution vulnerabilities have been addressed in the webkit2gtk web engine.
b72fff7e1e706fc40373f9789f0230cfdf746cfdb51cbfc6194e3a233f5e7081
Apple Security Advisory 2020-1-29-1 - iCloud for Windows 7.17 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
5f4d60bc66dce9f0be786bc027fcc7c52455ed33a00cdb73bd7ad2d31cf7c2e4
Apple Security Advisory 2020-1-29-2 - iCloud for Windows 10.9.2 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
99e8e80432459a94b02cf3052c928d0094dfda3ef2f7828340629294beb8f50b
Debian Linux Security Advisory 4611-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses which could result in the execution of arbitrary commands as root. In addition this update fixes a denial of service by triggering an opportunistic TLS downgrade.
b13a8757f4f9e0b2f590ed0cdbe4d23e4718fa37e2ea6ca4ed4d48c3bfa33f2a
Ubuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
c0cae97b6844e451bee938768b445c5af8fef387f98dc53a5b4ea8fcae469fa0
Ubuntu Security Notice 4259-1 - Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code.
3931c673f360301aa8f26e6e66ddaed7522a4f3629ff128ef0db01f1b7edb518
571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode.
a068c7e3daa600ac751e275e9f857994e6ea8a69b04243dda2a23d6d42f2ea2d
The fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient.
b9b4e23fba87a6da6a86f939c567edd6b4d826078dea81dcf76c39a0ac44882c
Whitepaper called Hunting Process Injection By Windows API Calls.
76914e883ee1f18d0b436c8b308d989b0609b629b9bc4ba002930ed7c74b3d26
rConfig version 3.9.3 suffers from an authenticated remote code execution vulnerability.
0f26c86a269bf983f144de86b9776ac084b92fb228ce91852dc3bc38419b270e
OpenSMTPD version 6.6.2 remote code execution exploit.
abe43f7110bb331986cc5d9ed522108c73061ac20671c668b7da6fcdfb9996c1