Red Hat Security Advisory 2020-2321-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.6 serves as a replacement for Red Hat Data Grid 7.3.5 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include HTTP request smuggling, cross site scripting, out of bounds read, and traversal vulnerabilities.
37188b4f3d0ad45e53ae50f81ab79f3432ce0a83d98c55f4c8cc57bb3deb1677
Red Hat Security Advisory 2020-2320-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.
f7549ead20bb783e6cb4b514d50d4f776bae68dde0a75b9eb2bd0e5397e6d915
Ubuntu Security Notice 4373-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that Thunderbird did not correctly handle Unicode whitespace characters within the From email header. An attacker could potentially exploit this to spoof the sender email address that Thunderbird displays.
a219f16284c750b77961f6c9eded98a1b73a3929f9a88589d364731a4468ec6b
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
785a09ec25d1d6b816226ddaf146821a9306c1c995e631f4f1734f02f134b36c
This Metasploit module exploits a command execution vulnerability in Pi-Hole versions 3.3 and below. When adding a new domain to the whitelist, it is possible to chain a command to the domain that is run on the OS.
cfc36a06914072c52416ddfd61eac6960d61e2221a60fe7ace44ef28f80b6a52
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
ab0eb691b2753277738fe16ddc46349a24fd66b6323deae987f7c927272befd8
Joomla XCloner Backup version 3.5.3 suffers from a local file disclosure vulnerability.
ef04c92567e5b156450ea7e6559a869a0534f1b915695f0224bd3b46fda6017f
Red Hat Security Advisory 2020-2295-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and integer overflow vulnerabilities.
d9fd0a9346dcc7f3e1541813039a4fd01c31a4de0f270177032aff37559c7e2f
Red Hat Security Advisory 2020-2298-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.
b2cc4813e750ba17fe290b817ee1baafa3b6f742a0753b564b03bd2e9c325c0b
Red Hat Security Advisory 2020-2296-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.
9d53bb390e8e044ec27d21dfaacca86c7c412ed7c1cbb51b562d46151a7bb088
Red Hat Security Advisory 2020-2291-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.
ee45b6f042e6c691076480d16fcf830d4e740aa874df2048554f2cbfc377a42e
Red Hat Security Advisory 2020-2286-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
6b16fab2cccc1429effdebcd8d1892267f046b82cee71b700a36ee0226029bf9
Red Hat Security Advisory 2020-2297-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.
81358647ee9074aa90a1ebfef9070351c4d1fee3fa1a172a62b243c4f56953b0
Red Hat Security Advisory 2020-2289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, heap overflow, memory leak, null pointer, and use-after-free vulnerabilities.
ca1a3813a0ecbcf9e2f73b9ff16150fb54c458acd38a43569a373d34d79a64fa
Red Hat Security Advisory 2020-2288-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
6057050ab3c64cb99a8163b4e83a90ad7fc59730961fc0ad917e9756045e4774
Red Hat Security Advisory 2020-2277-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.
efe3145206f11b3e50ccbf503ead77fc3430350fad092aff5f0600584c28e720
Red Hat Security Advisory 2020-2276-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
9c868c448ff2834f76a1cb663ab4f95f65d0a3479c243729fdd4b0057a5f5233
Red Hat Security Advisory 2020-2263-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include an open redirection vulnerability.
86f9d57c292b3fb674b63049a80ea6db991334dcbfdc96c2f2ee59843df7b710
Red Hat Security Advisory 2020-2285-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.
ada265fb400fc2098c203f3e9ade8514a0113d55caa666df2cae0a77fa52de69
Red Hat Security Advisory 2020-2284-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
5aa01910cf4b08a49fe266e0fd0f52a3370511c6f3bccfd6947a11032074f7a0
Red Hat Security Advisory 2020-2265-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include a HTTP request smuggling vulnerability.
0c0904de44986bd12f1e63e56e6c3667b84845a080c52245dc69f3aecca57230
Red Hat Security Advisory 2020-2274-01 - The GNU Compiler Collection is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The devtoolset-9-gcc packages provide the Red Hat Developer Toolset version of GCC, as well as related libraries.
486a70df5db56e6dd31b0ffc096528a25c88a3a683e4276da5d8bf9b98650742
OpenEMR versions prior to 5.0.1 suffer from a remote code execution vulnerability.
cef69fb8f736848a842b3b4f42a6007301ace4c581b4522cb7c84afa0d549868