GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
d62669a8f41e078eaa220ce77a32f4f3f801e3099357ae8c705498fe73884ec5Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission.
44d6ff217c2fd30ef0ccfe6031bf0609f53f0c9e58b78928c61f0655706fb41aThis Metasploit module exploits a remote command injection vulnerability in Movable Type versions 7 r.5002 and below.
ded7b47796fc44b921a8b1782fa3edc06aef8bea133da718be0a33ed547dd45bMoodle versions 3.10 to 3.10.1, 3.9 to 3.9.4, 3.8 to 3.8.7, and 3.5 to 3.5.16 suffer from cross site scripting and server-side request forgery vulnerabilities.
5ebbb3e3b937891a7993ff7cfa746f4eb1c07b7273456d6b43b919d3917226a0Ubuntu Security Notice 5134-1 - An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry.
11a8fd969279dac2404fecd3abcaa6f718532bed6e35975931b2093909c3f708Ubuntu Security Notice 5137-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possible execute arbitrary code. Various other issues were also addressed.
5fef8e7f5f28fbf71440acfa341c2c082504de263157b46ee9e4e00f76144514Ubuntu Security Notice 5136-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the FUSE user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
28724fdbb83e4490e3fc8c3f933128c22cd04d060dad7537f8dd275bde2370b7Ubuntu Security Notice 5135-1 - It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service.
2c6a87c6a06aece5bfc4156be0a147b88565ff9ac97b71d06f275638eb364e39Ubuntu Security Notice 5130-1 - Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
b17505018c4425c9656c7d3f88f088126561b05c8d0305c63f206297d8335a5e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed