Gentoo Linux Security Advisory 202209-27 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.3.0:esr are affected.
da5ad64b1ca5059281d41422aedf676273506128bf27ccfc379aa4eb214fc474Gentoo Linux Security Advisory 202209-20 - Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation. Versions less than 7.4.30:7.4 are affected.
32033fadca7b14049c6a84194d227cf9986263bb6581ad379d00c7d51c73328cGentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.
2ce98ac3693f706e145cfd62612f4e95aba33619815a6e436ea16ca923e8b420Gentoo Linux Security Advisory 202209-22 - A vulnerability has been found in Kitty which could allow for arbitrary code execution with user input. Versions less than 0.26.2 are affected.
86eb80320fa84bb7a076ccdd97aab736cc98066555fa5ab8e3b9fcf803a8a783Gentoo Linux Security Advisory 202209-26 - Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service. Versions less than 1.18.6 are affected.
5e76cee4cc0f41c29de31b148985328f2ef3f4cfb927608097a6abe3c17f602dGentoo Linux Security Advisory 202209-23 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 105.0.5195.125 are affected.
cdc8ee89e740628d11a899ae470b25cff194a96171905579abdf7bb65d0a72c5Gentoo Linux Security Advisory 202209-25 - A vulnerability has been discovered in Zutty which could allow for arbitrary code execution. Versions less than 0.13 are affected.
28cac471ae988cac02eafd406f0d0c2bbb8d20b30361cfda4f251e1475bbd755Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.
bb7e78343a58934f514393f6c6ebf70def0d9cbb6f1002e72f183864b7b7c70bGentoo Linux Security Advisory 202209-19 - Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. Versions less than 1.3.38 are affected.
ce81f88ef1dacfc7f245a7c4901fb01be1706eb8ca10d234347e0653b483d84aGentoo Linux Security Advisory 202209-18 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution. Versions less than 102.3.0 are affected.
f6cccd019556dcb672376a6d40614f4adb5515932082ba9beff6cc559936c86cGentoo Linux Security Advisory 202209-17 - Multiple vulnerabilities have been found in Redis, the worst of which could result in arbitrary code execution. Versions less than 7.0.5 are affected.
d9b1e22f9279ea317e0d95ba79680177c3910a25c6779c4d6a4247ff3fd8ac42Gentoo Linux Security Advisory 202209-16 - Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution. Versions less than 5.63 are affected.
665e641a5e8b1bb883f56bf358f09daf4066682c626f4aaf8eea49daf5ff2361Red Hat Security Advisory 2022-6753-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.
28d7f2e087a5d9425e253343d93cbc36c274fd300fda47cab8198615c8ea532aRed Hat Security Advisory 2022-6750-01 - Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Issues addressed include a bypass vulnerability.
5344e5217e226027bd6020f87c92f572ebb799b817358a5b04b19b7e17fae74dRed Hat Security Advisory 2022-6755-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP15.
ded539cae1ed8ed1e786ba32d749c65613ce788ff3a0bc1e97340d53868e0398Red Hat Security Advisory 2022-6756-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP15.
ea8652a3fe4bce04733c5dcbe029ab73d3b19cdafbe5d4e08f80ae117000a1dcUbuntu Security Notice 5647-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
f646132213ac5199fd0835b743af47740f9030b83556dc9ad35a5af5da00ade0Ubuntu Security Notice 5615-2 - USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code.
ee761ef6e19d379bce5560d3dfb6533fa06c67a12017651e03a872648746a6fbRed Hat Security Advisory 2022-6741-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a privilege escalation vulnerability.
058d93ee15c69d7a7c5f8f0f0aece4f72c2f05b24cb23c11dc1b8bae327307e0Ubuntu Security Notice 5646-1 - Tobias Stoeckmann discovered that libXi did not properly manage memory when handling X server responses. A remote attacker could use this issue to cause libXi to crash, resulting in a denial of service.
46c4a791137670f7e5bdbac84f1b17ad4b368c2214d2709f79e8c9bd7c67e379Ubuntu Security Notice 5645-1 - Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges.
fa94546c58f17991b5a646049ec8ec30cd923dd7fcf8ea2301f30eeeb7d86f13Ubuntu Security Notice 5644-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
52e89f704b52d276628aa495437f86aa41bdebe72618eb49ef32fb4cfa0b8b3aRed Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.
93b0f967c0fc17f3ba55a522337de68e746328883ab6a3bcc0a9d9569b072751Ubuntu Security Notice 5643-1 - It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
9ddb6beb5a0c7f182f8769c40dd4c0e7d3469c4fb93b3442d282bbf5574f3e0fUbuntu Security Notice 5642-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
a741c88fdbcebba263f141b68dade06af9876160b8164996177be9bce2fc3196
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed