Ubuntu Security Notice 4622-2 - USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
4b076f92917b55b8e6b13785852b197b8f0c78402f6918af5d3012681e9c32f0
Ubuntu Security Notice 4630-1 - Hanno Boeck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code.
ba4b2429461eb8d684ebc279cf9e14a67389506861773ebb0ad900b8281137f9
Ubuntu Security Notice 4629-1 - Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execute arbitrary code.
6a94bca2d157fa53ce20f3267659c1f8775fc53a3a5bb8aff7b365d10d7a1283
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
9cc19b959142f78e2035d4131c1db432e2baa42ed9cf928b82aa0658b026f5a3
Microsoft Windows suffers from a local spooler bypass vulnerability.
61c3a397ee51f0006b58ad2f59a3812935b74612177c4a79db2bb0053572084d
Call For Papers for the No cON Name 2020 conference. It will be held online December 18th through the 20th, 2020.
258d7354f7e434b02414550ee6297dcb990eafcdfc13e3f9c2f1d1c9c0384bc2
Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability.
ca580474c4352a83ccf836e4c821b28a3d68feeae7b03c42d7fdc81b1152616c
Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.
39eebd3c8d49cf61712b725a7d80c7b5f0c4c8ab2185d9d0745408abb2aeeca6
Customer Support System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a0e28fc74e96b490350e9e6a49dc13c4778cbfcc47f431076847ac79e42185fc
Red Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
51a4d744605ca328594e02d8bd9ebbb530a2ad8fdd07fc010928825fae10d7db
Red Hat Security Advisory 2020-5083-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Issues addressed include an information leakage vulnerability.
42190c7282f4c658e06279bcc5b86c128045392c4b64b9bcd37543f7b7328eba
Red Hat Security Advisory 2020-5084-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 6.
810df6007af8640bf65333e5350e4d25a7d78d5c22eaafd4e927d85cf5d7dc9d
Red Hat Security Advisory 2020-5085-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
9a41119a77130e5b108d0b2682cd5c7897e78cb3f0df6c5b2a2531237f2746a0
Ubuntu Security Notice 4628-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side-channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
ac81944641dddf11488a9bdf22af1912f755f581de876af8741696bae832e3fa
Gentoo Linux Security Advisory 202011-14 - A vulnerability has been discovered in MariaDB which could result in the arbitrary execution of code. Versions less than 10.5.6 are affected.
e8964319575a5fd75c91c70fed1bb5d7380caf7d6c3bb395749bf42168c34776
Gentoo Linux Security Advisory 202011-13 - Multiple vulnerabilities have been found in Salt, the worst of which could result in the arbitrary execution of code. Versions less than 3000.5 are affected.
abb5e03a5ec887de7abc41bf6db230426d3a812179a8d18df5eca701d9593ba9
Gentoo Linux Security Advisory 202011-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.193 are affected.
a9b46f9ccc5ada73083a35dfb54fe083fb56da19b0176cde5ff2317d560ecdb4
Gentoo Linux Security Advisory 202011-11 - A privilege escalation vulnerability has been discovered in Blueman. Versions less than 2.1.4 are affected.
d1a319518d23072df82ddb23e7ac8498b8ce75a7ced766173d542640e3bbaadc
Gentoo Linux Security Advisory 202011-10 - A buffer overflow in tmux might allow remote attacker(s) to execute arbitrary code. Versions less than 3.1c are affected.
3a64db7c5da2c31d810955dbc3a511942efbc0c651b4fcf238e960d1eeef51f0
Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.
5d95ad52fc75012ed91b82e53b3043a7867fe90adef97e5fe61a56d75c7075b6
Gentoo Linux Security Advisory 202011-8 - Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.0 are affected.
d95126e43cf4f2925a9ca199805ec8d7701fcb53532187933665015aabaa5283
Gentoo Linux Security Advisory 202011-7 - A use-after-free in Mozilla Firefox might allow remote attacker(s) to execute arbitrary code. Versions less than 82.0.3 are affected.
4b1912ff8b58ae3cf8446bb5011eb79c7f84492c870faefdbcf52fd29fa26f61
Ubuntu Security Notice 4627-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information.
227bbb50540c4cabb720611110526d2fb41ccd194cad0f53df0c5ba196ab8ca2
Ubuntu Security Notice 4626-1 - Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
da25d2442e323c1c467af193e2d689c49f1e62e8fb167128f9827485fabcdb89
Red Hat Security Advisory 2020-5079-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
7c9ef1548ac41342b416f02ddc9fc09baced0e913efd0d26756e653636915787