RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running RaspAP via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. Successfully tested against RaspAP 2.8.0 and 2.8.7.
abc5a8577c76d38277377259204d36eaaa8e98293d1ed4d1030fb74de2c622f0Ubuntu Security Notice 6288-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.34 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
b6348efcf64058f48985178eda60185a45a1ad2d30cb47909481c185fe4a0061Debian Linux Security Advisory 5477-1 - Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives.
af91853d8e5f0024764f5543a8b80895c57747aa8c34de789911957203c66602Blood Donor Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
3ab40ec2fcd549d03f7ca4fdbf60fd286a3ba512fde3530e785bbc685e75932fRed Hat Security Advisory 2023-4655-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
462f47803f2d1f38299ff49a67941ea34cadd5ba5a46e30e3a4b5ab3317852ccRed Hat Security Advisory 2023-4651-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.
7fdfffee94555d06a4b01161da79f0618d8ac96ff00f9ff7f1c19cf3842f573cRed Hat Security Advisory 2023-4635-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.
db26cb8a873428f876f2e7a4529ec2cf4d6d15c79d795501246c879819b52631Red Hat Security Advisory 2023-4640-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Issues addressed include a denial of service vulnerability.
54ea2e499f3b3e8ded2521679803c22fb283abc99e8755481e6431115ecc56e7Red Hat Security Advisory 2023-4645-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Issues addressed include a denial of service vulnerability.
a143d0103f112696568f4d8b8bf660b992210bc9fa6d06ceb833036dde02f61cRed Hat Security Advisory 2023-4643-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.110 and .NET Runtime 7.0.10. Issues addressed include a denial of service vulnerability.
7ae7e986c3c0a4b93943f048be06c6c5577d7bb238950b3559c8000616982cbdRed Hat Security Advisory 2023-4650-01 - Multicluster Engine for Kubernetes 2.2.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
ac69f472969b30a30d818388809905d1aa907326f3cbbab1d0d441f5f823fd3dRed Hat Security Advisory 2023-4639-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Issues addressed include a denial of service vulnerability.
4e04cb733603ab44a21e455f30d72ef0852507c570d8adbc9abb07732218fc65Red Hat Security Advisory 2023-4634-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.
066651121c75a921764782f330be26004c357892888390ee680b673b49ca81a4Red Hat Security Advisory 2023-4642-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.110 and .NET Runtime 7.0.10. Issues addressed include a denial of service vulnerability.
b42006444058579e98d9acb7b27d86690ecd95d473da4205235cdaaba9e5312aeLitius version 1.0 appears to leave backups in a world accessible directory under the document root.
37a6ad9ab40e37e23d7cbfe01ee9334c417b3339776c4691b7ae872e89ddb896Elite CMS Pro version 2.01 suffers from a remote SQL injection vulnerability.
7eb9069a741d4df11a156a416ed6992e071d14d8971b0618d40a2c5ce9403cfaElevel CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities including one in the login flow that allows for authentication bypass.
5c2a9d05c62a2c6c9c285f97e030f823c66fe5b7c1b93088a1e5ed551de8d14dEkushey Project Manager CRM version 3.1 appears to leave default credentials installed after installation.
8f869d35a8e3b499b55b232c9673de03ce8934a7ea09e8b4bed59998fb252fc0E-Journal Homoeo CMS version 2.0.3 suffers from a remote SQL injection vulnerability.
8f3fa55930fccfbd46131787e1ad254d6471bc9de8d2aed6f8ffb311b392d4fcEI Tube YouTube API version 3 suffers from a remote SQL injection vulnerability.
997fde59625cd67a73a0abff7333bac7deb7f10b70e1612008cb7e06f99145e4E-Fun CMS version 5.0 suffers from an XML external entity injection vulnerability.
5af873e10e8659ab07affe10868746b3fb4fc8bd88421a839e50cb3466940086WordPress Core version 5.6.2 appears to suffer from an xpath injection vulnerability via the log parameter.
a09643f53bbe40a0895f24e822cdf7d8d6272510d96b3443e6ac504dcecae219Red Hat Security Advisory 2023-4644-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Issues addressed include a denial of service vulnerability.
63aa6473f15342d44d9d6deea6ac2a3e516fc84c5fed03e801452c6d31264dddRed Hat Security Advisory 2023-4641-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Issues addressed include a denial of service vulnerability.
a3b8213d50fa48090f592eeb4565d04109d5c74386f25eb4f641bb1c78b03d6eEducation Time Indonesian School CRM version 1.7 suffers from a directory traversal vulnerability.
7512cc037af0326b217692e5b8d56807a4bf97b19953ba3bb1065630fd2cf92a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed