Ubuntu Security Notice 5186-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. Various other issues were also addressed.
d44d136059fcda89f1c96e0aa8cb1ab7bc80a28edd13ec2a2a32a862b61d0c3f
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
369fe89e7da8435660ca7f306819da93d1d4211c8d6d85fd92f2db639a11d021
Red Hat Security Advisory 2021-5070-02 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include local file inclusion, remote file inclusion, server-side request forgery, and traversal vulnerabilities.
ffda29beeea0e12945c6104476712c3a616df43c26b412c9ebce4eee73c3f2a8
OpenCATS version 0.9.4 suffers from a remote code execution vulnerability.
e7ff0cc62cfad44e30b93e807a8b4734da83818fcd754cefa8c8cb6c43f7025d
Red Hat Security Advisory 2021-5072-01 - A highly available key-value store for shared configuration.
a2bcb1ef88e5d083f6f1ef9f98208fa1e3794f337bde2fe1a49b21b21ea8c205
Free School Management Software version 1.0 suffers from a persistent cross-site scripting vulnerability.
879875706e6b66f816720b0afa5a9605962c5bb0774b705d2796e3124ebd666e
Free School Management Software version 1.0 suffers from a remote shell upload vulnerability.
a810bf3a77fe9f553633332116ee660e8defd82838d449a3d9d018f2c7fc8411
This document covers a vulnerability in policy kit (polkit) used on many Linux distributions, which enables an unprivileged local user to get a privileged shell (root) on the system by manually sending dbus messages to the dbus-daemon, then killing the request before it has been fully processed.
ff7bcacb2c7403598821beac18efca74a1f7003754707a0f87aff49223d1293a
Red Hat Security Advisory 2012-5055-03 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.
61b4bec841e680bb9a5571f36321dbeaf52b939212f9b957e57c9c5429cb53aa
Red Hat Security Advisory 2021-5071-01 - Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking I/O while at the same time retaining high programmer usability by using coroutines to make the non-blocking I/O operations appear blocking at the source code level. Issues addressed include a denial of service vulnerability.
50fe298ac47eb901a386ecd9eb2bc7b0461f012ae16446e85fea898046de6b78
Red Hat Security Advisory 2021-5065-05 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
2972402991f09d373980eb4e3eeee23e57db172ad950aeeaa09dfecd2725604e
Proof of concept remote code execution exploit for Apache Log4j2 versions 2.14.1 and below. JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
c8d0355e439c74ae436d3c409fe4b1f7b1c6c2d6fb97d2375bbaa49de94f642b