Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
f03557e695e804ef6a1ce733359bfca3c46a15464352e305d38e814421f08d8eTrixbox suffers from cross site scripting, local file inclusion, SQL injection, and remote code execution vulnerabilities.
9ef0ed67767e646a6f2d1db382c38acd0e8f214fb1e4961fb49e8336b89d0d82OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
4f82c8a5cedb0631e0830ff7889b78362f484948bf62f7ba8d9b619b16d05643Cisco Security Advisory - A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.
6968ff4fbb937eaac9473bb098851f61c4f66b3058d93aeac5e38d2623713836Ubuntu Security Notice 2290-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. It was discovered that an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
d08146b9fea95b5609bae004d574e7ab893d68c13196106b2acc630dcddde5beUbuntu Security Notice 2288-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
762c3e6b6422023b0cf7a2e4570f032da29fd554adfd4933d7c81ac2791e2d59Ubuntu Security Notice 2287-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
94ee00bc3e51eee0cab2b52407443420b1915d25bdf54bb8483c9baf7e584422Ubuntu Security Notice 2286-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
a5ef90e192f25e88bdc05dfdee78ce4c2c01c37086253de1e44f5916378ea6d5Ubuntu Security Notice 2285-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
53e0798c2145b912fe223a7d42f93aed871de378ec27bac50506de03da6f050fUbuntu Security Notice 2284-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
65de288e89273b4a19a71abb156d0c8a5e22311920ee9d2e00adb2f15336ac60Ubuntu Security Notice 2283-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
51f7353dddebbf98d96c1d6defd1a3d69f1782559d7243fa23fd748f4b653195Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.
04124159814afda52855f16ba5f872746057725d6ed57e3e9e8e74d49f9a14f0Red Hat Security Advisory 2014-0900-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free function) arbitrary kernel memory.
93d4f43f287c1cf23493c2e022072560eb159a8f9435a1c0e2e7ec757823346eUbuntu Security Notice 2291-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
723e8cb6fd677790ef2622722d59af916bd5e27e09651422f5ca6aaa4e08b132Ubuntu Security Notice 2282-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.
7576ac5f9418fb22970fae92bda3060de5c7f880fb96a5b9f8bf23edeaa5a089Debian Linux Security Advisory 2765-2 - The update released for davfs2 in DSA 2765 had a version number for Debian 7 "wheezy" that sorts lower than the version in Debian 6 "squeeze", causing problems on upgrades. This update makes a package of davfs2 in wheezy available which corrects only the version number.
aa8bfc6ea9c15a1557ed96764c642823aafbff021291cfa52eff9a50cf97c2e6Red Hat Security Advisory 2014-0899-01 - The openstack-neutron packages provide Openstack Networking, the virtual network service. OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. It was discovered that an authenticated user could add a security group rule with an invalid CIDR causing the openvswitch-agent process to fail and prevent further rules from being applied.
12984459022baf2395d5a366d6fa4c480f4128a03b2f292f6a9b26954ff26981Ubuntu Security Notice 2289-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
ee4b5aba8b85af49f51b037947116834b7eba864e9592e5b19b0e8efa9345287Ubuntu Security Notice 2281-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.
fb76516b15ce9ca580e4630ff501124404a3bd73f76afd4fa1763950b0a262ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed