uri

Apple Security Advisory 2020-03-24-3

Apple Security Advisory 2020-03-24-3 - tvOS 13.4 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.




uri

Apple Security Advisory 2020-03-24-4

Apple Security Advisory 2020-03-24-4 - watchOS 6.2 is now available and addresses buffer overflow and code execution vulnerabilities.




uri

Apple Security Advisory 2020-03-24-5

Apple Security Advisory 2020-03-24-5 - Safari 13.1 is now available and addresses code execution and cross site scripting vulnerabilities.




uri

Apple Security Advisory 2020-03-24-6

Apple Security Advisory 2020-03-24-6 - iTunes for Windows 12.10.5 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.




uri

Apple Security Advisory 2020-03-24-7

Apple Security Advisory 2020-03-24-7 - Xcode 11.4 is now available and contains security improvements.




uri

Apple Security Advisory 2020-03-25-1

Apple Security Advisory 2020-03-25-1 - iCloud for Windows 10.9.3 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.




uri

Apple Security Advisory 2020-03-25-2

Apple Security Advisory 2020-03-25-2 - iCloud for Windows 7.18 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.




uri

Gentoo Linux Security Advisory 202003-59

Gentoo Linux Security Advisory 202003-59 - Multiple vulnerabilities have been found in libvpx, the worst of which could result in the execution of arbitrary code. Versions less than 1.8.1 are affected.




uri

Gentoo Linux Security Advisory 202003-60

Gentoo Linux Security Advisory 202003-60 - Multiple vulnerabilities have been found in QtCore, the worst of which could result in the execution of arbitrary code. Versions less than 5.13.2-r2 are affected.




uri

Gentoo Linux Security Advisory 202003-61

Gentoo Linux Security Advisory 202003-61 - A vulnerability in Adobe Flash Player might allow remote attackers to execute arbitrary code. Versions less than 32.0.0.330 are affected.




uri

Gentoo Linux Security Advisory 202003-62

Gentoo Linux Security Advisory 202003-62 - A buffer overflow in GNU Screen might allow remote attackers to corrupt memory. Versions less than 4.8.0 are affected.




uri

Gentoo Linux Security Advisory 202003-63

Gentoo Linux Security Advisory 202003-63 - Multiple vulnerabilities have been found in GNU IDN Library 2, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.0 are affected.




uri

Gentoo Linux Security Advisory 202003-64

Gentoo Linux Security Advisory 202003-64 - Multiple vulnerabilities have been found in libxls, the worst of which could result in the arbitrary execution of code. Versions less than 1.5.2 are affected.




uri

Gentoo Linux Security Advisory 202003-65

Gentoo Linux Security Advisory 202003-65 - Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Versions greater than or equal to 4 are affected.




uri

Gentoo Linux Security Advisory 202003-66

Gentoo Linux Security Advisory 202003-66 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r2 are affected.




uri

Gentoo Linux Security Advisory 202004-01

Gentoo Linux Security Advisory 202004-1 - A vulnerability in HAProxy might lead to remote execution of arbitrary code. Versions less than 2.0.10 are affected.




uri

Gentoo Linux Security Advisory 202004-02

Gentoo Linux Security Advisory 202004-2 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.2 are affected.




uri

Gentoo Linux Security Advisory 202004-03

Gentoo Linux Security Advisory 202004-3 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code. Versions prior to 9.28_rc4 are affected.




uri

Gentoo Linux Security Advisory 202004-04

Gentoo Linux Security Advisory 202004-4 - A heap use-after-free flaw in Qt WebEngine at worst might allow an attacker to execute arbitrary code. Versions less than 5.14.1 are affected.




uri

Gentoo Linux Security Advisory 202004-05

Gentoo Linux Security Advisory 202004-5 - Multiple vulnerabilities have been found in ledger, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.2 are affected.




uri

Gentoo Linux Security Advisory 202004-07

Gentoo Linux Security Advisory 202004-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 74.0.1 are affected.




uri

Gentoo Linux Security Advisory 202004-08

Gentoo Linux Security Advisory 202004-8 - A vulnerability in libssh could allow a remote attacker to cause a Denial of Service condition. Versions less than 0.9.4 are affected.




uri

Gentoo Linux Security Advisory 202004-09

Gentoo Linux Security Advisory 202004-9 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.92 are affected.




uri

Gentoo Linux Security Advisory 202004-10

Gentoo Linux Security Advisory 202004-10 - Multiple vulnerabilities were found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1g are affected.




uri

Gentoo Linux Security Advisory 202004-11

Gentoo Linux Security Advisory 202004-11 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.7.0 are affected.




uri

Gentoo Linux Security Advisory 202004-12

Gentoo Linux Security Advisory 202004-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.122 are affected.




uri

Gentoo Linux Security Advisory 202004-13

Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.




uri

Red Hat Security Advisory 2020-1937-01

Red Hat Security Advisory 2020-1937-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.




uri

Red Hat Security Advisory 2020-1940-01

Red Hat Security Advisory 2020-1940-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.




uri

Red Hat Security Advisory 2020-1939-01

Red Hat Security Advisory 2020-1939-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.




uri

Red Hat Security Advisory 2020-1942-01

Red Hat Security Advisory 2020-1942-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.




uri

Red Hat Security Advisory 2020-1938-01

Red Hat Security Advisory 2020-1938-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.




uri

Red Hat Security Advisory 2020-2014-01

Red Hat Security Advisory 2020-2014-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.







uri

Ubuntu Security Notice USN-4197-1

Ubuntu Security Notice 4197-1 - It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service.




uri

Debian Security Advisory 4577-1

Debian Linux Security Advisory 4577-1 - Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.




uri

Red Hat Security Advisory 2020-1000-01

Red Hat Security Advisory 2020-1000-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. A heap-based overflow was addressed.




uri

Red Hat Security Advisory 2020-1289-01

Red Hat Security Advisory 2020-1289-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.




uri

Red Hat Security Advisory 2020-1290-01

Red Hat Security Advisory 2020-1290-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include an out of bounds write vulnerability.




uri

Red Hat Security Advisory 2020-1288-01

Red Hat Security Advisory 2020-1288-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.




uri

Red Hat Security Advisory 2020-1702-01

Red Hat Security Advisory 2020-1702-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.




uri

Reminder: We're Still Bad At Securing Industrial Controllers




uri

Half Of Industrial Control System Networks Have Faced Cyber Attacks, Say Security Researchers




uri

Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices




uri

Cisco Security Advisory 20130206-ata187

Cisco Security Advisory - Cisco ATA 187 Analog Telephone Adaptor firmware versions 9.2.1.0 and 9.2.3.1 contain a vulnerability that could allow an unauthenticated, remote attacker to access the operating system of the affected device. Cisco has available free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.




uri

Secunia Security Advisory 52060

Secunia Security Advisory - A vulnerability has been reported in Cisco ATA 187 Analog Telephone Adaptor, which can be exploited by malicious people to compromise a vulnerable device.




uri

Jolla Phone URI Spoofing

Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.




uri

Secunia Security Advisory 37786

Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.