Ubuntu Security Notice 5369-1 - It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
411cefceef90a85d8c8dc19ccf524ce17535c66cb471835048a879d8652b4d2dRed Hat Security Advisory 2022-1263-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, code execution, integer overflow, privilege escalation, and use-after-free vulnerabilities.
8099208ae1c6aef8c286b95bb11ce25104d7ea396a4083c6ef51ad9bcd09650aBackdoor.Win32.XLog.21 malware suffers from an authentication bypass vulnerability due to a race condition.
ffd576924691fe767d1107b326422e967a2a992daabe4af6ca3325b4dc80dee0Ubuntu Security Notice 5368-1 - It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
5d0b16263370f4a729db7ba7a5a7cdbc7ade51f3de840e5c97e95000dd201eb7Backdoor.Win32.Verify.h malware suffers from a remote command execution vulnerability.
4699d9e6b4bd68875a0f652fa306eeee03cdb10e1dae83dce132aaa8e78d31f4KLiK Social Media Website version 1.0 suffers from multiple remote SQL injection vulnerabilities.
42db3e1dcbece0790bfbc86196de7c1c2969cdbeda431ac35150f2aacb2fa233Ubuntu Security Notice 5366-1 - It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. It was discovered that FriBidi incorrectly validated input data to its CapRTL unicode encoder, resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code.
76d34cf377bdaf45f3627c0f847f651a0261aaa988a1ae4f8d5370481d429685WordPress WP Downgrade plugin versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.
69670eeb08507b6e52ce6923413e57dcc50f60c892e1e6e96f503732e4cb8844WordPress UpdraftPlus versions prior to 1.22.9 suffers from a cross site scripting vulnerability.
7f58bd7c752a2ea2696ebc83162409fe030d7fad8a44a78e4179a5aad976cd39qdPM version 9.2 suffers from a cross site request forgery vulnerability.
64ddbfaa1da0cb1473febe63a28eecb79a7e8e8d82ebad0f32c44475dadf890fminewebcms version 1.15.2 suffers from a cross site scripting vulnerability.
012a23eea9d79f29877c3503d443c0a4c7269ed62de9ae93c4675556d060183bWordPress Hummingbird plugin versions prior to 3.3.2 suffers from a persistent cross site scripting vulnerability.
969dc3a879f05f95618233352ae956e5b07885f6bae05c8ee79499adcf514118ICEHRM version 31.0.0.0S cross site request forgery exploit that demonstrates account deletion. This finding varies from the original finding of cross site request forgery in the same software from the same researcher.
b9ee29826a306b33bdc668fcd9b9e3b8d9c8e92ba320ac432ad6259e72d505c3WordPress Ad Inserter versions prior to 2.7.12 suffer from a cross site scripting vulnerability.
652db37affa3855340a258c91864a0ce8bdaf34f00f77d2ce010c203c6c62a77WordPress Loco Translate plugin versions prior to 2.6.1 suffer from a persistent cross site scripting vulnerability.
89947839a0f022f27bf4e7359d1a8f8308d5cfc0bacc3631b9f3c6128744b460Backdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
ab408ddf30c8efccdf5889bf33194ede11b1d21e19f31d0fd37129927830bc25Kramer VIAware remote code execution exploit that achieves root.
8404177fc0140512f4c0692c887519b39c5ae5574106d110007ffd87f2556907Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability.
2263af4ce6ff37dbac253b84a65217cf2d09048893a98db44c043759d40d98daBackdoor.Win32.Wisell malware suffers from a buffer overflow vulnerability.
4b85e30c9cb01307432745296dc54e868880a133540cf9a9345df56e2b71d5c3Red Hat Security Advisory 2022-1254-01 - An update for python-waitress is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include a HTTP request smuggling vulnerability.
effdda3045e7a5921902a2c1f7359835efbe8f6331dc378ecabd0276c8cb947bOpmon version 9.11 suffers from a cross site scripting vulnerability.
1031328d4c4dd45e9bd49a0b213dfa68afd034ec97e28e3df6984cd8ecc85e3bbinutils version 2.37 suffers from a denial of service vulnerability.
1e11d3361ba89c76793a0375b6e6e81ac07920b95fc1b052a69b02bc35766fa1Zenario CMS version 9.0.54156 suffers from a remote code execution vulnerability.
8e4e62a30fdeac9204cd0769c5b4fd88a4ea3813f4d92091f84a205748dcb2d7Backdoor.Win32.Xingdoor malware suffers from a denial of service vulnerability.
4d9ca11257d3eabf102f15e0bb5b2464d4590fe91e591163af8447b36b2e99cdBackdoor.Win32.Ptakks.XP.a malware suffers from an insecure credential storage vulnerability.
3181fcc60a4d1c09ed768728bf9dfa57964c7b036c6a02884c58ff0d07f38e48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed