#ubuntu

Backdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities.

Apple Security Advisory 2021-10-26-7 - tvOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2021-10-26-6 - watchOS 8.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Backdoor.Win32.Hupigon.afjk malware suffers from a man-in-the-middle vulnerability.

Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.

Backdoor.Win32.Hupigon.acio malware suffers from an unauthenticated open proxy vulnerability.

WordPress Supsystic Contact Form plugin version 1.7.18 suffers from a persistent cross site scripting vulnerability.

Apple Security Advisory 2021-10-26-5 - Security Update 2021-007 Catalina addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.

Ubuntu Security Notice 5009-2 - USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that libslirp incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. Various other issues were also addressed.