Critical Infrastructure

SecList ICS

Security Magazine

Case Studies

News

Exploits

Last 20 Website Defacements - Zone-h

Advisories

  • Ubuntu Security Notice USN-4124-2 Mon, 16 Sep 2019 16:00:28 GMT
    Ubuntu Security Notice 4124-2 - USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Various other issues were also addressed.
  • Debian Security Advisory 4523-1 Mon, 16 Sep 2019 16:00:11 GMT
    Debian Linux Security Advisory 4523-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message.
  • Red Hat Security Advisory 2019-2774-01 Mon, 16 Sep 2019 15:56:49 GMT
    Red Hat Security Advisory 2019-2774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.
  • Ubuntu Security Notice USN-4134-1 Mon, 16 Sep 2019 15:56:34 GMT
    Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.
  • Ubuntu Security Notice USN-4133-1 Mon, 16 Sep 2019 15:53:09 GMT
    Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.
  • Debian Security Advisory 4522-1 Mon, 16 Sep 2019 15:52:44 GMT
    Debian Linux Security Advisory 4522-1 - Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.
  • Ubuntu Security Notice USN-4129-2 Thu, 12 Sep 2019 20:42:18 GMT
    Ubuntu Security Notice 4129-2 - USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4132-2 Thu, 12 Sep 2019 20:42:12 GMT
    Ubuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
  • Ubuntu Security Notice USN-4132-1 Thu, 12 Sep 2019 20:42:05 GMT
    Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
  • Red Hat Security Advisory 2019-2766-01 Thu, 12 Sep 2019 20:40:57 GMT
    Red Hat Security Advisory 2019-2766-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains updated container images for multus-cni, operator-lifecycle-manager, and operator-registry in Red Hat OpenShift Container Platform 4.1.15. Each of these container images includes gRPC, which has been updated with the fixes for unbounded memory growth issues.
  • Red Hat Security Advisory 2019-2756-01 Thu, 12 Sep 2019 14:33:15 GMT
    Red Hat Security Advisory 2019-2756-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.255. Issues addressed include a code execution vulnerability.
  • Red Hat Security Advisory 2019-2746-01 Thu, 12 Sep 2019 14:32:51 GMT
    Red Hat Security Advisory 2019-2746-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2745-01 Thu, 12 Sep 2019 14:32:43 GMT
    Red Hat Security Advisory 2019-2745-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2743-01 Thu, 12 Sep 2019 14:32:34 GMT
    Red Hat Security Advisory 2019-2743-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include a code execution vulnerability.
  • Slackware Security Advisory - mozilla-thunderbird Updates Thu, 12 Sep 2019 14:32:20 GMT
    Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
  • Slackware Security Advisory - openssl Updates Thu, 12 Sep 2019 14:32:14 GMT
    Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.
  • Slackware Security Advisory - curl Updates Thu, 12 Sep 2019 14:32:07 GMT
    Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
  • Ubuntu Security Notice USN-4130-1 Wed, 11 Sep 2019 20:00:19 GMT
    Ubuntu Security Notice 4130-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
  • Ubuntu Security Notice USN-4131-1 Wed, 11 Sep 2019 20:00:11 GMT
    Ubuntu Security Notice 4131-1 - It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.
  • Red Hat Security Advisory 2019-2741-01 Wed, 11 Sep 2019 20:00:04 GMT
    Red Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2019-2736-01 Wed, 11 Sep 2019 19:59:56 GMT
    Red Hat Security Advisory 2019-2736-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.
  • Red Hat Security Advisory 2019-2690-01 Wed, 11 Sep 2019 19:58:47 GMT
    Red Hat Security Advisory 2019-2690-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.
  • Red Hat Security Advisory 2019-2737-01 Wed, 11 Sep 2019 19:58:39 GMT
    Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2019-2732-01 Wed, 11 Sep 2019 14:02:08 GMT
    Red Hat Security Advisory 2019-2732-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2731-01 Wed, 11 Sep 2019 14:02:01 GMT
    Red Hat Security Advisory 2019-2731-01 - NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Issues addressed include a denial of service vulnerability.