Ivanti Endpoint Manager (EPM) 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution.
afbe87d39c043c81d0f93f3553319f8d3bdf71f4fb0e22d349d23f26beab2503Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.
67e8dae1ca2468d90de4e601c87d5f31ff492b38e8ab8bcbd02ddf7104ed8a9fBotan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 2.19.x release that reaches end-of-life at the end of 2024.
dfeea0e0a6f26d6724c4af01da9a7b88487adb2d81ba7c72fcaf52db522c9ad4Gentoo Linux Security Advisory 202407-23 - Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected.
985ada0515e118faf1d96d2cd1c7334be0e5199276ab8d441c78a61a42b33adeUbuntu Security Notice 6886-1 - It was discovered that the Go net/http module did not properly handle the requests when request\'s headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Go net/http module did not properly validate the subdomain match or exact match of the initial domain. An attacker could possibly use this issue to read sensitive information. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
66197d055fed6c97073d4c955f114f48acbb90bca8321f4984ae151d375a3e75Ubuntu Security Notice 6880-1 - Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks.
a1b7658d93cbe9452fafc9962055ac3264eb70250edec2116b29a0ee545cc5aeUbuntu Security Notice 6885-1 - Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication.
dc636ce74692d3f1a7da32825e61e1fcdc0b5d5a5413a13dc147dac6ff15aae4Red Hat Security Advisory 2024-4419-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
4074e254a33175b95fd87c662ad01c54b1b51d6eeac49179f5d4b64c0ca22b23Red Hat Security Advisory 2024-4418-03 - An update for less is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
6eea079d7a5f225b1311c93da86b2b506b874c224abade33d1c4e2e335ba9974Red Hat Security Advisory 2024-4417-03 - An update for libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
0de0b7f4bce6bb9c86b77198794ad864170d8f28f465de4e197a7f1f3e95e5aeRed Hat Security Advisory 2024-4416-03 - An update for less is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
9779f38d5c67590892cc95e98b9eeef26f2791044c7642d30a00bafc2de4c540Red Hat Security Advisory 2024-4415-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include privilege escalation and use-after-free vulnerabilities.
4e78c5c2984dafdeaa7ef19d7b6115e6b841a4b44e4585d641283fe2e653b972Red Hat Security Advisory 2024-4414-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
1e4659c7badb0b3665fa277ed30c1dac1c4bad1f7acce7032ef423f887039600Red Hat Security Advisory 2024-4413-03 - An update for pki-core is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
39c072c9c9337ab758eb7d3423e1cd132aafe5621023f4c20da09c0b26d0f377Red Hat Security Advisory 2024-4412-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include privilege escalation and use-after-free vulnerabilities.
8f3a880b55e99c813f162538379e31b0db1ce6134a16f878bf8071d39dddcbb9Red Hat Security Advisory 2024-4411-03 - An update for booth is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
6f52d0f330c4c6e9e3c5c391a73d39248d5e66f3f293c3961d040d8a75848108Red Hat Security Advisory 2024-4409-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
0fb1a5af2cce4b077e6c3070f3c2604b3fb5adfe71319acd6e5419bff7a03d7eRed Hat Security Advisory 2024-4408-03 - An update for tpm2-tss is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
29438d2bb58a7c83391b1aa94314baf5fab981379bdc95e83f6cdfa449820550Red Hat Security Advisory 2024-4406-03 - An update for python3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include denial of service and traversal vulnerabilities.
fad9a8cb1ae41d406c1f5124652e152ff1cee7b8c5c85db5c53d7954b9dda8d8Red Hat Security Advisory 2024-4404-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
c03cf592c7cb1ac34ed11bb1841770020cd2c4c8777e44040a5361b4df6a8cfbRed Hat Security Advisory 2024-4403-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a bypass vulnerability.
e37088f79413e96e952fe5ee8151fcdb994b3f65b0fea1c13541de571c2312fcRed Hat Security Advisory 2024-4402-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
3b51382e90ad9788491149689dfd6205c274ed1e4577fadbf0d7abb297f44e2cRed Hat Security Advisory 2024-4400-03 - An update for booth is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
ae4b51588149f371d1d2d3e6b67183ab34915e5a386099e58130af7cabc613f6Red Hat Security Advisory 2024-4392-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include a denial of service vulnerability.
5231130a48c0022f15f16e388d438452f49ca96354b9e43113532b44d3e1c47cRed Hat Security Advisory 2024-4390-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.
5feffa32663b1147fdb17ba495209e37bd329e017d6d27e6bc30039d9803486b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed