A privilege escalation vulnerability exists in the clfs.sys driver, which comes installed by default on Windows 10 21H2, Windows 11 21H2 and Windows Server 20348 operating systems. This Metasploit exploit module makes use of two different kinds of specially crafted .blf files.
9aa5ede2ea03c876775407f0098c013dfd3c503cc4ebb1ee7306284def339699
Ubuntu Security Notice 6368-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, perform cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.
8d95e0118cdd19372dc4ff5235aa6a52784eef3641630f31f94c81a7e15db254
Red Hat Security Advisory 2023-5148-01 - Red Hat Integration Camel for Spring Boot 3.20.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass and denial of service vulnerabilities.
b0954fc421046b904362a64bc1355a62d0f65f3a440cff6f4d97de9a4d265f11
Debian Linux Security Advisory 5497-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.
ad3befb7b686c256583e0e50a04e1df3f0429d81b5b6fcaaa703680831a6ed3b
Ubuntu Security Notice 6367-1 - It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.
aaf87b74a4a839e647b2f99a873ab024401c6117b83f68855850111b917d2f7d
Red Hat Security Advisory 2023-5147-01 - A security update for Camel for Spring Boot 3.18.3.2 is now available. Issues addressed include bypass and denial of service vulnerabilities.
66396fdb7f1a3317d1bdabc7a31a25d0e1214a43a1cc54712ba36d28fdcd5a64
Debian Linux Security Advisory 5496-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.
c82c8662b4cb856cef00c651c37f65322490fdda603a29d98b698d651c861107
iSmile Soft CMS version 0.3.0 suffers from an add administrator vulnerability.
53c61e2d58e402521ca5973de27e7d6a518d7d159c7b44b1ce701814f8336b33
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6047c75f9e79a9b0cc6d6c7632024a4126812bc212f52acf5d3c813cc7c9fb0b
Ubuntu Security Notice 6364-1 - It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
91972b9a30d177eedb72329131d2be05233ba948220bc38cbbe0989077c92a30
Ubuntu Security Notice 6366-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser.
3aafc6d0eb1b6b6af93b8a2e7aa24bd4e2f58041707954910ca902da7600c204
Red Hat Security Advisory 2023-5143-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.
495f48e531322a5c8a1c04b837bc279b8e05e57eae2389cec33a9eca0d2fd1d0
Red Hat Security Advisory 2023-5146-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11. Issues addressed include a denial of service vulnerability.
6c653cd18590bd863de7b041369f8ee0f4d482017e7fbb87aee2193d2bd6ec1f
islamnt CMS version 2.1.0 suffers from an add administrator vulnerability.
459140609c3884d950ad9fe4a6639059bcd27b1966c70c69285c3841c6942e9a
islamnt CMS version 2.1.0 suffers from a cross site scripting vulnerability.
9da3ffc464d21e2c887d8241061ae3ce06a1c69cd562b4ab23911bc70287d3e0
Red Hat Security Advisory 2023-4933-01 - Logging Subsystem 5.7.6 addresses an issue where LokiStack authorization is cached too broadly.
502e6e9888a0dfe72ee4bcd30135f5e4960dfba1e0b041541837e1efb9155bc5
Night Club Booking Software version 1.0 suffers from a cross site scripting vulnerability.
dff51d8b253d9631dee285face4809594062abc6803e40cbd31f7c69cd6e0641
Red Hat Security Advisory 2023-5142-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.
da204f6db67c2d7877509d6e9d2faa3fc0c9d20459713b0c68f815790fe3beb1
Ubuntu Security Notice 6365-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.
d61c866c47b627d6cda3352868ce3be2ce4c34eff8c2ce9f61d4d10445262364
Red Hat Security Advisory 2023-5144-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.
1b02526e6400583d3514f1555cd490113a1d170eb7fc8fb3f554b604ec518f16
ImgHosting version 1.3 suffers from a cross site scripting vulnerability.
8c169afaf39b32fa5c563194367feecff6f19735b337600d64caa7b0f3c6b6a3
Red Hat Security Advisory 2023-5145-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11. Issues addressed include a denial of service vulnerability.
6dd409e6285b1cd98e843932933a49a0d974aa0f050231f8813b962c3aef7651