Online Shopping Alphaware version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version attributed to Ahmed Abbas.
29690f5dffee752bc5e1e472253d5ff5db429877767d895fee54163ae1c8708eOnline Shopping Alphaware version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
1bbd55c9f9e0edcb7f2d29d71a1388c6c031345adc68213198dff08b8c072b7fOnline Shopping Alphaware version 1.0 suffers from an insecure direct object reference vulnerability.
06b278a300b523b0abcc50b71dc25166b714ca2a8134c022619a39fdd096f1a0Red Hat Security Advisory 2020-3328-01 - Red Hat Ansible Tower 3.7.2-1 has addressed for security issues.
cc4215dd35492a4c347e20844f09b854f5035612f362b2be83a677a56904fb8bRed Hat Security Advisory 2020-3329-01 - Red Hat Ansible Tower has had multiple bug fixes addressed including a security issue.
16d2744816a6d1503db52bf24043f2f829e30349a4d0ba4d63ce5621a8eac027Ubuntu Security Notice 4441-2 - USN-4441-1 fixed vulnerabilities in MySQL. The new upstream version changed compiler options and caused a regression in certain scenarios. This update fixes the problem. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
dc23cc5fa04ffd5d14b5df4ab4af3f7e1e6e2b4f3ea617a5d2010d85561ff006Red Hat Security Advisory 2020-3184-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
fead8c89346a428ada920abf3c99087ef68bbb0117cc307f1e85fd0fb4f13182Red Hat Security Advisory 2020-3183-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
6c681c2d15124b553cdaf2c0346929d6248e945071ce0065f1f3d40fe1121c35Ubuntu Security Notice 4432-2 - USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems , preventing them from successfully booting. This update addresses the issue. Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly. Various other issues were also addressed.
0724dbcf0130cfe1e7185b866f7f79202a090407d4509716ab0a310cc9031e47Ubuntu Security Notice 4452-1 - Trent Shea discovered that the libvirt package set incorrect permissions on the UNIX domain socket. A local attacker could use this issue to access libvirt and escalate privileges.
18133f0aaff0d0adec7946a75d6b242e8ba3e43a8addffc5b4db9dc972784f94Ubuntu Security Notice 4450-1 - Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
06c66c55e390585035c60b7277903cf6b89a3f53b39e664ad082025dfc65f3cbUbuntu Security Notice 4451-1 - Thomas Chauchefoin discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code.
d8bcbdd1beaa0d0fcdc5862b49dffd945b7c1a538638b2c1ef7030bb15d7b570Ubuntu Security Notice 4448-1 - It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Request Smuggling. Various other issues were also addressed.
724049f922fdcaed76bab946a48ccfcb9b0e1d275e3effd77f8cf41f47d39f4aUbuntu Security Notice 4449-1 - Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. Various other issues were also addressed.
997c27eb7a9b6a7e119f8fc8be4aae652994ce95a1b5654a99dedbfffd974000Ubuntu Security Notice 4447-1 - It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.
b284e25e4e59d4baef55792f488dd7f5e5050838dcf0e54c5344185ee9025cdf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed