PAC aims to prevent an attacker with the ability to read and write memory from executing arbitrary code. It does that by cryptographically signing and validating code pointers (as well as some data pointers) at runtime. However, it seems that imports of function pointers from shared libraries in userspace are not properly protected by PAC, allowing an attacker to sign arbitrary pointers and thus bypass PAC.
Red Hat Security Advisory 2020-3518-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
Ubuntu Security Notice 4466-1 - Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.
Gentoo Linux Security Advisory 202008-8 - NSS has multiple information disclosure vulnerabilities when handling secret key material. Versions less than 3.55 are affected.
Ubuntu Security Notice 4465-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly validate metadata in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2020-3504-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Red Hat Security Advisory 2020-3505-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Red Hat Security Advisory 2020-3501-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, deserialization, and improper authorization vulnerabilities.
Red Hat Security Advisory 2020-3495-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-3496-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-3497-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
Pharmacy Medical Store and Sale Point version 1.0 suffers from a remote SQL injection vulnerability.