Debian Linux Security Advisory 5349-1 - Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library.
529cabf89a74ffee339c76aaa209fcc4e84d4aa2cdcce805499cec41c0385567
B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.
73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495
Ubuntu Security Notice 5872-1 - Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
de3eb59d3c62619fa7c1f1b9d8e86595187b3ae424b2453806af525f6ce5427e
WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability.
078ea2f052b0bdbecbdbb86ff5abadf7af3ecef36acd21e345034b86b58c3b8e
WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a missing authentication vulnerability that allows an attacker to delete media from the WordPress instance.
45afa719cdeb338f8d0beb9b6c68e717ebfe472417ebe348bbc34459b0250c7c
Ubuntu Security Notice 5870-1 - Ronald Crane discovered that APR-util did not properly handle memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
661dd734bd3528dd32e900e26ba6bbf81244f1fdb73f913d44a8a516a0377c50
An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested default_branch. GitLab will cache this object and then deserialize it when trying to load a user session, resulting in remote code execution.
01b86153e9b59cbce82f32a07b24098f2267f0bddf0bec3fcf3243c9d0b7d820
Red Hat Security Advisory 2023-0651-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
2dc2bf0f696c9442d10afefd4210d1c179d8ee45c8c762ce2c9f61999a7cb0ab
Red Hat Security Advisory 2023-0652-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.27. Issues addressed include denial of service and out of bounds read vulnerabilities.
7373618c8908434160feecfaaf515407448e4e5e9fa6fef9425fc021ee78de7e
It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Sonke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
a0d81d94905e121dcfc30d932d20767e962d7e2b238090a1a35620768e76e04a
Multiple versions of Korenix JetWave suffer from authenticated command injection and denial of service vulnerabilities.
855f389543c13d74be1ffa1c20556605349c2e7c25c9e761aad4692ec6b41a9d
OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities.
5da321216ffd148c932f83887a1cd3f3515a69d20e80fbfd6a71cda91af29547
Apple Security Advisory 2023-02-13-3 - Safari 16.3.1 addresses a code execution vulnerability.
9498cee58c1019eeed0d5adc044ca79c9cc1d10dff76bd3358878893d9cd0285
Arris Router Firmware version 9.1.103 authenticated remote code execution exploit that has been tested against the TG2482A, TG2492, and SBG10 models.
c888a848e11678625335a5e6746925d5f7f030e21217d0ca2ec6555b03d7a881
Red Hat Security Advisory 2023-0758-01 - This release of Red Hat build of Quarkus 2.13.7 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, denial of service, deserialization, and information leakage vulnerabilities.
8b9c35c270302dba0c57430b447b9409f09807e208b11e539efb27db51a88a2a
When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.
fd54b53140cb0a9c16fc5520fcb15b03b3915d1e37bb7f97c426270dfbc79e9b
Debian Linux Security Advisory 5348-1 - Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests.
224c181c90aebaf2cd3e11e055ffe407758e1f0eb58fbbf8a28fa2e8deb2729f
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
0872dc1b82ff4cd7e8e4323faf5ee41a1f66ae80865d05429085b946355d86ee
Apple Security Advisory 2023-02-13-2 - macOS Ventura 13.2.1 addresses code execution and use-after-free vulnerabilities.
fdbefbd17eb97af76730b608dc7d442a50002fb2dd4e009a1e21cb028cd5c6ea
Ubuntu Security Notice 5871-1 - It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git use its local clone optimization even when using a non-local transport. Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree.
128cb1e7502d2d61fdd1584602c087a1f5064941c47244e330913b10810fc2ea
Red Hat Security Advisory 2023-0759-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database.
3a013aeebb819c40241eb21209dadcee7a0a0e72fc7a6f0edd34cc1a1875f4a7
BMC Control M versions prior to 9.0.20.214 suffer from SQL injection, denial of service, and information leaks.
663462fd5f2483f44a7d0a8af7ced5264562e74d1760e52757133faa7d990a6d
Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.
bf899bbd419fd54940c09ac833ba4df8f15db322208d5ebc4b227f46fff13a7d
Ubuntu Security Notice 5869-1 - Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions.
4d5cc84dd53bab0941517013678604e3f03fdf2945096e2e25cce662ca9fa8b8
Apple Security Advisory 2023-02-13-1 - iOS 16.3.1 and iPadOS 16.3.1 address code execution and use-after-free vulnerabilities.
d89152ee8fb2142c43e87cd45bf4ef1e261abf40b7070b01da9441c3fc5c8a33