Red Hat Security Advisory 2023-3363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a denial of service vulnerability.
8d6fee9bde0e70b5959833843ecf792b03a41b1f8e66f0bda5ccf23a07d42105Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.
37dcbd392a52b90efbebd568b820d59b5bc9cea60ef156e11a7091896e446143Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.
bd9ffeca01911fb13e117e8a1a7783e4a6fcfb21b1709f4dca9749fb6a00db42Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.
1e9e9de47625e97e419ed5fbee008a7603b1295dcf08d757bc8c853b1c3aac6aSysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
358d1a084d4f53bfe86e7c4babfa56b222bf565e9140fa49191c7fe2bd88bd32Red Hat Security Advisory 2023-3362-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a resource exhaustion vulnerability.
4bce165c5c9df5cb4de59c5bdd82271c3d2ff9b358d9d5a530d767317445da62Red Hat Security Advisory 2023-3525-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine.
aa0ea2323128266d3d1c561693ebe5815feb3f6880d4658b7cad4237aa890a18This Metasploit module leverages an authentication bypass in PaperCut NG. If necessary it updates Papercut configuration options, specifically the print-and-de vice.script.enabled and print.script.sandboxed options to allow for arbitrary code execution running in the builtin RhinoJS engine. This module logs at most 2 events in the application log of papercut. Each event is tied to modification of server settings.
f4313d7696bef22bdc9abcdfd185a2f5ec910ab23fce5708d4d336c70e7796cbRed Hat Security Advisory 2023-3366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.2. Issues addressed include a traversal vulnerability.
80039969fc5e57e3c93829b4e7c8f12fccde025bcaac1426494a02f1b102dd6dWhitepaper called Bughunter's Life-Style: A DIY guide to become an alone long time bughunter for ordinary people. Written in Spanish.
492728ae51fe482711c11af1be87bba75442f0506b3f42fe800bfc028dd68d50Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.
e936bfd38b8205cb07c32f3057dc5f6150b5dd58c2eeaad2df97c67b652a1946Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
31d70addc56bca5825603d5bf8f8997c0d2d33c37f78de6bcf050fa923352de4Magento eCommerce version 2.4.0 suffers from an information disclosure vulnerability.
ab3ecd35ea1bd5ea43f71e8cc7229f70824a190697fc616d9688716fd6a524a1Wizcyb Interactive version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
b510ea894a9dc141c92cd986b698461f5212bc9cae14a47d0a5c84e18abbaba9Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
b41135a7cd8822453c05dfbe6e299e4f5ce04418fab7aa3c67341dab9e88481eRed Hat Security Advisory 2023-3517-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
8ad99264c9e219b90670616eb2e37b62858702cc69b51b2c51a152abefd92e3dRed Hat Security Advisory 2023-3481-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
ce873579913e68d504471040ff154a376c9b46704c05b74f68d9c6d71f1554aeUSB Flash Drives Control version 4.1.0.0 suffers from an unquoted service path vulnerability.
0401646c79292fc4d90c3613db9e59052043cb7cc92f6063a192e3026387e6d7Red Hat Security Advisory 2023-3489-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
034b171db42543f7d6cfa17382068a6799323ddd4aa9fc6ccfaac590b7175856CloudPanel versions 2.0.0 through 2.2.2 suffer from a privilege escalation vulnerability when a traversal is leveraged against clpctlWrapper for which all normal users have sudo access.
f9daecf3318cd818a2145b9564acb5e7d1134267b39ff16b67c07e2cf8d4f41cExpert Job Portal Management System version 1.0 suffers from a remote SQL injection vulnerability.
8012e32ab3760677e2dcbdfaff9c6f2f091fcbf694cccdde8d26e34b76f7869eWordPress Updraft plugin version 0.6.1 suffers from an information disclosure vulnerability.
5b25f4bd4b6c6c3aad3c43163b102ed5e626173201ff5e1cfd700e55203ee573Ubuntu Security Notice 6142-1 - Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
8db0cfa1ab9c208a5c6578a0215c4766c126c7705ad9c0c431e5eb80778831e7Red Hat Security Advisory 2023-3460-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.
4f35d214f26f023db9755bcd3961524c8e3816178818ad49bdfc847516db4ceeUbuntu Security Notice 6141-1 - Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager.
2f043764bc68fb396b2e0122391243701d80409155bba15c5060fdb94c8b99b6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed