News

    Exploits

    Last 20 Website Defacements - Zone-h

    Advisories

    • Ubuntu Security Notice USN-4754-2 Fri, 26 Feb 2021 16:11:09 GMT
      Ubuntu Security Notice 4754-2 - USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
    • Ubuntu Security Notice USN-4754-1 Fri, 26 Feb 2021 16:11:03 GMT
      Ubuntu Security Notice 4754-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
    • Ubuntu Security Notice USN-4755-1 Fri, 26 Feb 2021 16:10:57 GMT
      Ubuntu Security Notice 4755-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
    • Ubuntu Security Notice USN-4752-1 Thu, 25 Feb 2021 15:31:12 GMT
      Ubuntu Security Notice 4752-1 - Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4751-1 Thu, 25 Feb 2021 15:31:02 GMT
      Ubuntu Security Notice 4751-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4753-1 Thu, 25 Feb 2021 15:30:54 GMT
      Ubuntu Security Notice 4753-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
    • Ubuntu Security Notice USN-4750-1 Thu, 25 Feb 2021 15:30:47 GMT
      Ubuntu Security Notice 4750-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4749-1 Thu, 25 Feb 2021 15:30:40 GMT
      Ubuntu Security Notice 4749-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4748-1 Thu, 25 Feb 2021 15:30:28 GMT
      Ubuntu Security Notice 4748-1 - It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4747-2 Thu, 25 Feb 2021 15:30:21 GMT
      Ubuntu Security Notice 4747-2 - USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
    • Red Hat Security Advisory 2021-0100-01 Thu, 25 Feb 2021 15:30:14 GMT
      Red Hat Security Advisory 2021-0100-01 - The file-integrity-operator image update is now available for OpenShift Container Platform 4.7. Issues addressed include denial of service and integer overflow vulnerabilities.
    • Red Hat Security Advisory 2020-5364-01 Thu, 25 Feb 2021 15:30:03 GMT
      Red Hat Security Advisory 2020-5364-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.7. Issues addressed include denial of service and integer overflow vulnerabilities.
    • Red Hat Security Advisory 2021-0664-01 Thu, 25 Feb 2021 15:29:45 GMT
      Red Hat Security Advisory 2021-0664-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
    • Red Hat Security Advisory 2020-5633-01 Thu, 25 Feb 2021 15:29:25 GMT
      Red Hat Security Advisory 2020-5633-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.0. Issues addressed include bypass, denial of service, integer overflow, man-in-the-middle, and memory leak vulnerabilities.
    • Red Hat Security Advisory 2021-0661-01 Thu, 25 Feb 2021 15:28:34 GMT
      Red Hat Security Advisory 2021-0661-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
    • Red Hat Security Advisory 2021-0659-01 Thu, 25 Feb 2021 15:28:26 GMT
      Red Hat Security Advisory 2021-0659-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
    • Red Hat Security Advisory 2020-5634-01 Thu, 25 Feb 2021 15:28:18 GMT
      Red Hat Security Advisory 2020-5634-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.0.
    • Red Hat Security Advisory 2021-0662-01 Thu, 25 Feb 2021 15:28:10 GMT
      Red Hat Security Advisory 2021-0662-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
    • Red Hat Security Advisory 2021-0658-01 Thu, 25 Feb 2021 15:28:03 GMT
      Red Hat Security Advisory 2021-0658-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
    • Red Hat Security Advisory 2021-0656-01 Thu, 25 Feb 2021 15:27:56 GMT
      Red Hat Security Advisory 2021-0656-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
    • Red Hat Security Advisory 2021-0660-01 Thu, 25 Feb 2021 15:27:49 GMT
      Red Hat Security Advisory 2021-0660-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
    • Red Hat Security Advisory 2021-0655-01 Thu, 25 Feb 2021 15:27:39 GMT
      Red Hat Security Advisory 2021-0655-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
    • Red Hat Security Advisory 2021-0657-01 Thu, 25 Feb 2021 15:27:28 GMT
      Red Hat Security Advisory 2021-0657-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
    • Red Hat Security Advisory 2020-5635-01 Thu, 25 Feb 2021 15:26:54 GMT
      Red Hat Security Advisory 2020-5635-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
    • Ubuntu Security Notice USN-4698-2 Thu, 25 Feb 2021 15:26:41 GMT
      Ubuntu Security Notice 4698-2 - USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.