Debian Linux Security Advisory 4935-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO.
5c5de3d94e5c01e0c46189886df935c5f426216b9c105ee49d6ee312d4327a61
Debian Linux Security Advisory 4936-1 - An out-of-bounds read was discovered in the uv__idna_to_ascii() function of Libuv, an asynchronous event notification library, which could result in denial of service or information disclosure.
0a7f33c31a07fc41d5f7ed52fc3b276e5d28bb695e3f697e1e2b15a2cf82bdc9
Debian Linux Security Advisory 4937-1 - Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition the implementation of the MergeSlashes option could result in unexpected behaviour.
2382a13cd727ebe78876d34b5fa53df39e32f618f527a9cd28bf0c55d1282cdd
Debian Linux Security Advisory 4938-1 - Miroslav Lichvar reported that the ptp4l program in linuxptp, an implementation of the Precision Time Protocol (PTP), does not validate the messageLength field of incoming messages, allowing a remote attacker to cause a denial of service, information leak, or potentially remote code execution.
a2cb5acebab5469fd7930619851a5d96bf30b1019949c76285dfc85a4c4dbe11
Debian Linux Security Advisory 4939-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
7b50a15c1add6bc56ecf019ef10497c2efbc1ba43e512c66383a647502a92cca
Debian Linux Security Advisory 4940-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
a5e3c708266685aeb96e7eac631ca4f2a6eef78065d06f559908a822526ab1d5
Debian Linux Security Advisory 4941-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
9e4606f89d1986908d6e85cb89fbdb57f27c0579df76bf6f6ebb8845f2929900
Debian Linux Security Advisory 4942-1 - The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca() function could result in memory corruption, allowing an attacker to crash systemd and hence the entire operating system.
a2e04b6dd6b4135945ca528b3aaaa92706651638cca02879f67327677470b03d
Debian Linux Security Advisory 4943-1 - Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an attacker to increase its authentication level or impersonate another user, especially when lemonldap-ng is configured to increase authentication level for users authenticated via a second factor.
09d0700a290d154bf2f6f5a21887040e4a7e0ff61710ae283859aaea342ab1fd
Debian Linux Security Advisory 4944-1 - It was discovered that the Key Distribution Center (KDC) in krb5, the MIT implementation of Kerberos, is prone to a NULL pointer dereference flaw. An unauthenticated attacker can take advantage of this flaw to cause a denial of service (KDC crash) by sending a request containing a PA-ENCRYPTED-CHALLENGE padata element without using FAST.
42036edebb28009c78bc3526ed1cd53c67ee4d42a4bd26657d2433b71b487a10
Debian Linux Security Advisory 4945-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.
db3773c5f5bf9c0bc82d8e7414f94ae18cb4a5da421a3c58bb325df00ee051bf
Debian Linux Security Advisory 4946-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in bypass of sandbox restrictions, incorrect validation of signed Jars or information disclosure.
7f41ce213e4d1a4c11df0c9bae9ce5763fd51d9c8a0975b24d5832be5dee34fe
Debian Linux Security Advisory 4947-1 - Andrea Fioraldi discovered a buffer overflow in libsndfile, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.
fae8abc77ee669212af806a36de566251697768d968dc6604c4725e5f02ea1c9
Red Hat Security Advisory 2021-2932-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.
7819eab95b801ee299b0c45f60fb153ccf55a8165bda9a4b92c9e354fa35c7d0
Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability.
36bd0dcd70c37c0f6388382b04be4c7bcc24e363234f2224ab11193b7ad7cfba
Red Hat Security Advisory 2021-2931-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.
e59ed91a5edb1ab96597451d6ad951184459cdd8057a7fea7fee363d15069354
Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.
fc40291e7f367fc138282d091bd129a8e4f3f89060b16b7bf82ad2b4becc1492
Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.
44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6d
Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell.
789b4b83a370842e480d42282232176547990a8306c7562bcb40708246fa13c9
Red Hat Security Advisory 2021-2437-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.2. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.
7ec5b49853d7057879102f37d070eea1a55cf6c1c169311c047cfd931c993a81
eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability.
86f82233af5a41046687330cd64e5466b63f4308ade16bd242d6db2f54261ee8
TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
ba67407364e373aec38862e6aebf93a49d2b7648ca3308acedd73cf52d3ddd30