Ubuntu Security Notice 6005-2 - USN-6005-1 fixed vulnerabilities in Sudo. This update provides the corresponding updates for Ubuntu 16.04 LTS. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter the output when it is viewed.
74fc9208943e3a32ca93a64030fef69aee6cea018ebef0b7092877920e7625ed
Ubuntu Security Notice 6110-1 - It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. It was discovered that Jhead did not properly handle certain crafted images when printing Canon-specific information. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. It was discovered that Jhead did not properly handle certain crafted images when removing unknown sections. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service.
80d98d0254469a1b51c8abd253d4b4b966ea15e367a3f13db88f0323aeab0bb8
Ubuntu Security Notice 6097-1 - It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service.
3d7edb5a58eec77633a82d5c64512fbce172738d389e141a849d6ff7a072fbb8
Debian Linux Security Advisory 5415-1 - Two security issues were discovered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowledged loading of linked documents within a floating frame.
b27b03556ced9e9e09210b77f8b2ed4a4c103405a522b1cd9b043b091bc1cada
Debian Linux Security Advisory 5412-1 - Several vulnerabilities were discovered in libraw, a library for reading RAW files obtained from digital photo cameras, which may result in denial of service or the execution of arbitrary code if specially crafted files are processed.
b0104fc127d3c8bfcb4c5e52e2e58cfda45af83b1d343bb53c15510a397156a2
Debian Linux Security Advisory 5414-1 - Jose Gomez discovered that the Catalog API endpoint in the Docker registry implementation did not sufficiently enforce limits, which could result in denial of service.
9c8e08284137c6665e70202298f98f7ebf0978306e6991e1a98ae9ff2ff01552
New MVC Shop version 1.0 suffers from remote SQL injection and missing attribute vulnerabilities.
c1b40aec9eb372ff9cd5a4cff29271a8df8d3fedfc4274f9e046058eaa80e539
Simple Customer Relationship Management CRM 2023 version 1.0 suffers from a remote SQL injection vulnerability.
285e8f6ae7ee9b90299b635cefdb4e7b115a2a1bf605db59f2801bc204f4e67e
It appears that sites designed by e-Biz Technocrats Pvt.Ltd suffer from a remote SQL injection vulnerability. As they do not provide any sort of versioning with their offerings, the researcher was unable to provide affected versions. Versions as of May 11, 2023 were affected.
92cf79073e5009f343666e2a43e0a350c61dd730a3d354ea6bc3bd1d42f1ee8d
Jobs Portal version 3.6 appears to leave default credentials in place after installation.
f267635edf702421f090f420167604e54f42579ebdd5e8887bf5d9cdfbef0879
Camaleon CMS version 2.7.0 suffers from a server-side template injection vulnerability.
34f7d878b820c06a0c255c7ff0a016c2722c19698a3424d8da2d5754b3b6daa1