USN-5845-2: OpenSSL vulnerabilities

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

OpenSSL 1.1.1 < 1.1.1t Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1t. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1t advisory. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were...

Ubuntu 18.04 LTS : OpenSSL vulnerabilities (USN-5845-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5845-1 advisory. David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary...

CVE-2020-16886

A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC Windows Defender Application Control policy and execute arbitrary code on a policy locked-down machine. An attacker must have administrator...

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted request...

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package arises from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted file...

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using a specially crafted file...

OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries...

CVE-2013-4389 rubygem-actionmailer: email address processing DoS

Multiple format string vulnerabilities in logsubscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message...

Sendmail Address Prescan Memory Corruption Vulnerability

Description A vulnerability in Sendmail may be exploited remotely to execute arbitrary code. The flaw is present in the 'prescan' procedure, which is used for processing email addresses in SMTP headers. This condition has been confirmed to be exploitable by remote attackers to execute instruction...