Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
5ec6028df29068d889c98489bf194a884b00831106fea1e921fea3c65f2003f5This Metasploit module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will authenticate, validate user privileges, extract the underlying host OS information, then trigger remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions up to 8.9.0.
b198d9755cf50ac9c6b86be9526d83c12bdaeab6e989721de64dd0ef6781f8d3LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in XsltResultControllerHtml.jsp.
44811fffdad55f59cab99ee680cea0158c35b26606a7a72215c8b74fff752970LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in UrlAccessibilityEvaluation.jsp.
62722fa4e4796c8ac819f4f74bff3b88e4c3207619569dd0af373cca85ccd325LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in main.jsp
6b2f2821d4c2d0424a401ff4ad365da2713d18f6c494dadd54e7fce8dfe51786LumisXP versions 15.0.x through 16.1.x have a hardcoded privileged identifier that allows attackers to bypass authentication and access internal pages and other sensitive information.
507655a40fa21c33f270fff3ee33944627b6c9719d3c667e8ec61677948d5b35Debian Linux Security Advisory 5728-1 - Phillip Szelat discovered that Exim, a mail transport agent, does not properly parse a multiline RFC 2231 header filename, allowing a remote attacker to bypass a $mime_filename based extension-blocking protection mechanism.
1319bc5df5d7620705633184f3bea1c784792378da27d5aeafbceffa69f5379fDebian Linux Security Advisory 5727-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.
2523385fae70cf9d7e1b9deceb6dd134ddad7cc34eb85646a5da5277f602c176WordPress Poll Maker plugin version 5.3.2 suffers from a remote SQL injection vulnerability.
412661be72a0f1455977b2bc649510ea25f659ce8916ac1617c93065fb279cc6Ubuntu Security Notice 6891-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
fbe8fb1e1da71de79cf48d36a39bf43a4be9940567b335a2187326de0f10f8feUbuntu Security Notice 6892-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
1be86e553b162ce9d9fd8fc31873fb51eaca06565f561d7ea634d412de51ed92Ubuntu Security Notice 6868-2 - Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
b3f1c888d3af0efd0c3b38e488343d19363e379f35a4e3ceb4e6c3fc7f27c109Ubuntu Security Notice 6866-3 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
cd531bd98e8b9bc6399b28fcdad6313e6b25ed3910dd56bf9af73db0843fc2b2ESET NOD32 Antivirus version 17.2.7.0 suffers from an unquoted service path vulnerability.
15433b833752badf84eb655e3ab8d18cc641b65960b6406504c020083f4be3fbRed Hat Security Advisory 2024-4505-03 - Moderate: An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a denial of service vulnerability.
be785a878ed47b4c2ae5564f1a2a87714e37677e651795f85498ddac810ebb0cRed Hat Security Advisory 2024-4504-03 - An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a HTTP response splitting vulnerability.
ef9737cf760d7226130a844b4c1b6d25b6065b271e03de2f85945bb59a0e734dRed Hat Security Advisory 2024-4499-03 - An update for ruby is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
edebc8f5afe8726b51356da3155f8e6a70bc190c6c176f409446deb659378f5aRed Hat Security Advisory 2024-4464-03 - Red Hat Advanced Cluster Management for Kubernetes 2.10.4 General Availability release images, which apply security fixes and fix bugs. Issues addressed include a denial of service vulnerability.
84e08de1926cc6019639e72cc8e05ee0fd58b75b6ea1b0816b3adc945ee2ed83Red Hat Security Advisory 2024-4462-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
df6ac4e6527d489ea345f44f1cbc77c7a75c3237cada3a412c94b5454206114eRed Hat Security Advisory 2024-4460-03 - An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
d28a3b9ac11b67eb628452afa330ddead45cea49f0e9c771b9ba40d7d5cd1b38Red Hat Security Advisory 2024-4457-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
19e854189f84add142987e31e415aaf6c71b0ca17400f7114bed60097201c3e6Red Hat Security Advisory 2024-4456-03 - An update for python3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a traversal vulnerability.
4a9d9ea60dde4871c0b87e63a05eeadf708c75248213361a2e0527c8176cd4b5Red Hat Security Advisory 2024-4455-03 - Red Hat OpenShift Virtualization release 4.16.0 is now available with updates to packages and images that fix several bugs and add enhancements.
bc67c065b1a06b75ccaaa2758f02c4f131706248451c64dc4e25d90cdf8f1755Red Hat Security Advisory 2024-4321-03 - Red Hat OpenShift Container Platform release 4.15.21 is now available with updates to packages and images that fix several bugs and add enhancements.
d107cf3bafce3721d58cf74a69589eec0969a694b678432ff9feef150a95d648Red Hat Security Advisory 2024-2096-03 - Moderate: Logging for Red Hat OpenShift - 5.9.1.
b1da92ef4236fd816a8ea918eafff23fe20f4e61db11341b28a584844f50f0fa
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed