Ubuntu Security Notice 6092-1 - Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information. Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information.
d7e5b9e74183122ef1a06d8fb7224fe2527cfc66abe214adacfb74fd2fde6a92
CiviCRM version 5.59.alpha1 suffers from a persistent cross-site scripting vulnerability.
fb8656ee1c35201c1ac4e4a5256172e19937245ddfd39f48aab653d7c4f2e4c4
Red Hat Security Advisory 2023-3167-01 - New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Issues addressed include a denial of service vulnerability.
30bcb0a597daf2139351661fff5b56f0cccaf69266f1c500fba3e230011a020d
ChurchCRM version 4.5.4 suffers from a cross-site scripting vulnerability. Related CVE number: CVE-2023-31699.
1cef13f81fca74f1f1be50038d359524d192b4c9bd86189bc957c554555cdaab
Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
651ba1a89cf9b5d5fcfc6ec7f0f13b73b41225a33fc642efba219a7eab3cd1ba
MobileTrans version 4.0.11 suffers from a weak service permission vulnerability.
b5c0b13eb7b2bcaa442dfeb0fc7d258541a7ac1ebefd77f5f4083f487eb40f0a
Red Hat Security Advisory 2023-3229-01 - An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include a bypass vulnerability.
58dc85ac55cc22509750b2260521c00727de41cdcf21f11fe312397d34539f8f
Filmora version 12 Build 1.0.0.7 suffers from an unquoted service path vulnerability.
d7e6ab84b73383d1389ef2f6d893e67aaa9ed1dd4fff240782beb124f44bd7d2
Ubuntu Security Notice 6090-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
addcf4276faba9380882f43f0aa2701ba3c30a4872d00370de9952686c9ccc54
Bludit CMS version 3.14.1 suffers from a persistent cross-site scripting vulnerability.
c763f7887a7cd8d09c3f415f238f727c5485294591378c8712913c8af09c36a3
Ubuntu Security Notice 6089-1 - It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d7733ea3680714a70e7b2c6637cf17a3d21472fdbfbcb86a7d70a45b40c6f4bc
Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.
7be1965b68a5cab579f6f098b763a99246b0ca9c39283d45624fd6cd77e6b90e
Red Hat Security Advisory 2023-3195-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross-site scripting, information leakage, and insecure permissions vulnerabilities.
1c0f371bbf2460cdbd44e6232d75191d859f20b812ef0b81b78a5414981c6bc1