Ubuntu Security Notice 5614-2 - USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.
10e730b3dc2565c7df75f5b8c7912171f93bac717141d6b3dac8f64898adb02fWordPress WPvivid Backup plugin versions prior to 0.9.76 suffer from a path traversal vulnerability.
fb090fe06b8107185b5b73bdfac52e984a5bd3987e4e8a14397734095d06addfWordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip file. Any user with Subscriber or more permissions is able to execute this.
0537a61d8c7e168ee93f25ae88cc62b13741cb186c02291ebc2f946f834cd81fUbuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
759a27511c8f487803c7aa104783c2c246c6fddf62edc3b8d14f204cff8a093eRed Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
90a7db70273f1bcf3f0dddfd37788d5e9c87a1b7559b29fdcbb1e860a02410b1Ubuntu Security Notice 5651-1 - Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
307727d9f9df8f35a12cad1acef25cb191f668ed5401e4156a8ff7369ecdc831Joomla RAXO All-Mode PRO extension version 2.01 suffers from a cross site scripting vulnerability.
b184da1d06132aed982ee2549a07da0dfa94c6d57c4ca741a10f65c4a73eec7aRed Hat Security Advisory 2022-6764-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
98299df0e775091d0cd425d53583bd53c962a02b6a59be2d5445c8a7d756d4e6Ubuntu Security Notice 5653-1 - Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service.
9243a60f7904a4b165533d79fb778a5eaf28db2dcb1af8c5196198b7945e326eCanteen Management version 1.0-2022 suffers from a remote SQL injection vulnerability.
2d4328d6484fdeed0350fcb19dc9fe4f3d5499e3bb9f44d105865efdc3315733Ubuntu Security Notice 5652-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
da237cf0c69ad0299d2d45386e0353a125c52434eb9c8e1c7b9ba1d5a9cfa13aJoomla Solidres extension version 2.12.9 suffers from a cross site scripting vulnerability.
4d0ea072e4c8b6fdd75003b025df09b5ced3c45e3082d7cfe1352f4dfe683076Red Hat Security Advisory 2022-6765-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
c4fc34a4dbce658a7d6f43a15de99e7c144eb84230b265c294a7594060f9a520Red Hat Security Advisory 2022-6766-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
47a2ab29057f9acc5a00ccedf39008056db417722a5523acfc41053f138f98b6This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed