Ubuntu Security Notice 5523-2 - USN-5523-1 fixed several vulnerabilities in LibTIFF. This update provides the fixes for CVE-2022-0907, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that LibTIFF was not properly performing checks to guarantee that allocated memory space existed, which could lead to a NULL pointer dereference via a specially crafted file. An attacker could possibly use this issue to cause a denial of service.
81521516cda0735954a55daae6fa0943100b2d94e68820e6f180b476c570ccaf
ETAP Safety Manager version 1.0.0.32 suffers from a cross site scripting vulnerability.
cb949674cf6ac260ae0ea2bcfab1a0d5b6b592e39e3fccecdbd74d5a764a840e
Infix LMS version 4.3.0 suffers from a remote shell upload vulnerability.
b9fb1eb73b48a203ba61020ca1bc27e9a98b348e216dac02454c0283feade433
Infix LMS version 4.3.0 suffers from an iframe injection vulnerability.
bfdbbe2f774ece5214aba0ce2b5fa1926bb8a9cd3a547ca08d21a11979e412eb
SmartRG Router version 2.6.13 suffers from a remote code execution vulnerability.
138378c68bc7e6458e303ffdbc971ff3bc4723934c45f86cd6b2c12f65df9dba