Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that's reportedly been abused to install spyware on iOS products, and Google's got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.

Krebs on Security
#Time to Patch#adobe#Allan Liska#apple#Azure OMI#chrome#CVE-2021-28316#CVE-2021-30860#CVE-2021-36965#CVE-2021-38647#CVE-2021-40444#google#Immersive Labs#Kevin Breen#Microsoft Patch Tuesday September 2021#Nir Ohfeld#Recorded Future
CVE-2021-31006: About the security content of tvOS 14.7

Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences.

CVE-2021-38593: oss-fuzz-vulns/OSV-2021-903.yaml at main · google/oss-fuzz-vulns

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).

CVE-2021-21805: TALOS-2021-1274 || Cisco Talos Intelligence Group

An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.

CVE-2021-30560: Stable Channel Update for Desktop

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-32786: One URL standard please | daniel.haxx.se

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression.

CVE-2021-32786: One URL standard please | daniel.haxx.se

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression.

CVE-2021-36980: ofp-actions: Fix use-after-free while decoding RAW_ENCAP. · openvswitch/ovs@77cccc7

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

CVE-2021-33670: SAP Security Patch Day – July 2021 - Product Security Response at SAP

SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.