Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

ImgHosting 1.3 Cross Site Scripting

ImgHosting version 1.3 suffers from a cross site scripting vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#auth#ruby#firefox
Ubuntu Security Notice USN-6363-1

Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.

Ubuntu Security Notice USN-6358-1

Ubuntu Security Notice 6358-1 - It was discovered that RedCloth incorrectly handled certain inputs during html sanitisation. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6362-1

Ubuntu Security Notice 6362-1 - Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6361-1

Ubuntu Security Notice 6361-1 - It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents.

Ubuntu Security Notice USN-6360-1

Ubuntu Security Notice 6360-1 - It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6359-1

Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws

Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is in addition to 35 flaws patched in the Chromium-based Edge browser since last month's

Ubuntu Security Notice USN-6237-3

Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.

Ubuntu Security Notice USN-6339-3

Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.