Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high-level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
b97044b312aa718349af7851331b064bc7bd5352400d5f80793bace427d01343
iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate their privileges by calling JS functions from the console or through insecure direct object references to hidden functionality, which can result in creating users, modifying roles and permissions, and full takeover of the application.
8007a5f219e032013e1e72ef98a61a127ff6f0b3d6ed018dc856261d55f65f8c
The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object, an attacker can receive a JSON message code, successfully bypass the CAPTCHA-based authentication challenge, and perform brute-force attacks.
d27b5814b4f42ac16a8bbe64624c3e1ed65fa742a3666758ddc2046e3aaf3e7e
iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
1a26a10673d6b783da8e252d6d326ea5a7706080e34d2507828aab2671cdd3ca
iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.
877e94d38aecf3b2d0163b51920a838107622f27e092b47090c6cd17ae27cf90
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.
c7d236bdf962dfa9de93321b3fab630caa7f7676cb4839021d3b0a10b7122b7b
Ubuntu Security Notice 4618-1 - Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
4d013c3ab340ab643bf10a57df87941d8a90a0ef174a6c4436c2652d40ae5886
Red Hat Security Advisory 2020-4953-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and privilege escalation vulnerabilities.
b887a9aca316a1bac18d59938b9cc80c6bdbfdc1ed45efed99383dda49fb1b0e
Red Hat Security Advisory 2020-4946-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.
fbfe013d99430ab77450101b23efc39c5a7e7a0d9d1d6026efaf055f9ecc8fd5
Red Hat Security Advisory 2020-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
7e19bc0d5be5e7b76efff1fa9c9d07c2a5b398120bcaed8fe06b472033f30ace
Red Hat Security Advisory 2020-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
e1311ca70124c3d2677e5e2f0c21cd8b0de250869787c9bdcf1970dd5b366360
Red Hat Security Advisory 2020-4951-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
af448da32a7f41f645f0c195bc336a4773e9f1c90023df288c072f368e67ec6e
Red Hat Security Advisory 2020-4944-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
0e09e8649da32eaf38199841872f2af2ce36789fbfe13a7b15c3152dd22b7f1a
Red Hat Security Advisory 2020-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
0f89699d2e03b32c30b23cf13e3213078246d3f7cf2693285a44be51de0f26a0
Red Hat Security Advisory 2020-4952-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
43c3c1db580d97f4509dbbdc681ee34bc176057bcba3d4d7e8169fdc701d28a2
Red Hat Security Advisory 2020-4950-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
539a253bfe37679e365795f675286ef3b3dd76d04c82f67072a2b71107aa045d
Red Hat Security Advisory 2020-4949-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
cbdb03ba697bed4df4f5afb22be60147a224a325d4d1be3088e4ba353728ab29
Red Hat Security Advisory 2020-4932-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
10b8288a98ea38157a941b3a042c2f9688d0140cb95317031189dfaa2901f545
Red Hat Security Advisory 2020-4929-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
93d0fc696cfe97ea70332d763e4d17f3ab8a0866c3f3a1f03acfeed536d6a8b5
Red Hat Security Advisory 2020-4930-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
1bde2cc8d0837e5e3bc8a3d9f978ddad384f63ba2d496389d856dcc1b0a082dc
Red Hat Security Advisory 2020-4931-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.
5ccbb9cfdf1b00de7aefb64f50b1b1594b3b1b13b8f0d9df7790c851be386bad
Amarok version 2.8.0 suffers from a denial of service vulnerability.
3b4331be069b40ab14039ed0642b93d07d6c2909e898c9b42c264378b055a535