EUVD-2020-19148

Malware in sbrugna...

EUVD-2020-19151

Malware in sbrugna...

CVE-2020-26597

An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 October 2020...

CVE-2020-27678

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parseusername in lib/libpam/pamframework.c...

CVE-2020-26603

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...

Oracle Siebel Server (October 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the October 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: UIF Open UI jQuery. The supported version that is affected is 20.8...

Oracle Siebel Server <= 20.7 (October 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Mktg/Email Mktg Stand-Alone Apache Commons File Upload. Th...

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

The Qualys Threat Research Unit TRU has discovered a Remote Unauthenticated Code Execution RCE vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSHs server...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14781 and CVE-2020-14782 affects Liberty for Java for IBM Cloud

Summary Multiple vulnerabilities in IBM® Java SDK affect Liberty for Java October 2020 CPU. Vulnerability Details CVEID:CVE-2020-14792 DESCRIPTION: An unspecified vulnerability in Java SE related to the Hotspot component could allow an unauthenticated attacker to cause low confidentiality impact,...

Oracle MySQL Connectors (October 2021 CPU)

The 8.0.26 and prior versions of MySQL Connectors installed on the remote host are affected by a vulnerability as referenced in the October 2020 CPU advisory. A Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.26 an...

GHSA-GHPQ-VJXW-CH5W Use after free in libpulse-binding

Overview Version 1.2.1 of the libpulse-binding Rust crate, released on the 15th of June 2018, fixed a pair of use-after-free issues with the objects returned by the getformatinfo and getcontext methods of Stream objects. These objects were mistakenly being constructed without setting an important...

PT-2021-16573 · Samsung · Secure Folder

Name of the Vulnerable Software and Affected Versions: Secure Folder versions prior to SMR Oct-2020 Release 1 Description: The issue is related to an improper authorization of using a debugging command in Secure Folder, which allows unauthorized access to contents in Secure Folder via the debuggi...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime may affect Tivoli Netcool Performance Manager for Wireless,Oracle October 2020 CPU

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 & 8 used by Tivoli Netcool Performance Manager for Wireless. Tivoli Netcool Performance Manager for Wireless has addressed the applicable CVEs.These issues were disclosed as part of the IBM Java SDK updates in...

Security Bulletin: CVE-2020-14782 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2020-14782 was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (Oct 2020 and Jan 2021 CPUs)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 that is used by IBM Operational Decision Manager ODM. These issues were disclosed as part of the IBM Java SDK updates in October 2020 and and in January 2021. Vulnerability Details CVEID: CVE-2020-147...

Security Bulletin: Multiple vulnerabilities in IBM Java SE, Java SE Embedded affects IBM Operations Analytics Predictive Insights

Summary Multiple security vulnerablities in Java SE, Java SE Embedded product of Oracle Java SE components: Serialization, Hotspot, Libraries were disclosed as part of their October 2020 Critical Patch Update. Those vulnerabilities affect IBM Operations Analytics Predictive Insights 1.3.6 and...

Oracle Access Manager Webgate Information Disclosure (Oct 2020 CPU)

Binary data oracleaccessmanagerwebgatecve201811058.nbin...

Security Bulletin: A security vulnerability has been identified in IBM SDK, Java Technology shipped with IBM Maximo Asset Management (CVE-2020-14781)

Summary CVE-2020-14781 was disclosed as part of the Oracle October 2020 Critical Patch Update. Java is used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilitie...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline October 2020 CPU

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Version that is used by Tivoli Netcool Performance Manager. This issues is disclosed as part of the IBM Java SDK updates for October 2020. Information about a security vulnerability affecting IBM WebSphere Application Server...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2020 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...