Perten Instruments Process Plus Software versions 1.11.6507.0 and below suffer from local file inclusion, hardcoded credential, and execution with unnecessary privilege vulnerabilities.
92c6be9a95dec36f75c305fd1ec54275736478e25459c036cab67f945826b0f2Ubuntu Security Notice 6905-1 - It was discovered that Rack incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
f1fb99c460c408c54600bfb86185879ad2833e7b4ce66083ea2f2adece4c2d2bUbuntu Security Notice 6904-1 - It was discovered that PyMongo incorrectly handled certain BSON. An attacker could possibly use this issue to read sensitive information or cause a crash.
fcdec1b07b070a6622feb7e4235b0acc1f1a048b493cbdd384578b9850c079a6tc is a low-tech free software to chat anonymously and ciphered over Tor circuits in PGP. Use it to protected your communication end-to-end with RSA/DSA encryption and keep yourself anonymously reachable by anyone who only knows your .onion address and your public key. All this and more in 3278 lines of C code that compile and run on BSD and Linux systems with an IRC like GUI. As this is a rolling release and does not have an official build yet, the prior version on Packet Storm was replaced with this updated code base.
6c67a5801efc2a283234e2f35e78d64c742c4135b8931a73f5ed69073993ef33Red Hat Security Advisory 2024-4717-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
2a02b4915e8c2ff33295c851f4ef088aa4f068b2b322aa2a9c78f8ec187cc6e7Red Hat Security Advisory 2024-4713-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.
3a72ee436dc05f0c47719e8dbc954c6eb8dec748f207f0ae84336bb6fd1420e9Red Hat Security Advisory 2024-4697-03 - An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
79070c148d2d5eb975b74c2c5ab3519c00b0290a075521ddedb9a1ce6d400eb7Ubuntu Security Notice 6898-4 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
8b053de7161b766a9cba5511fe20d03faf97b54bcfcc24fb43aa58677af61c15Ubuntu Security Notice 6893-3 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
7f62f78668bc36911b1f96b40c020e8124cd85ad4a7b7ca69e27900327bdb441Ubuntu Security Notice 6896-5 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
df9560dc3783d3d4a0c9d99e6352e1f6ea6dd5c66518086f9ad8789fbd721813LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.
ac6f91ffe20c571e57ac0c8a6aef0c5437b2d37e5f53c46ef41059f24100b7dbQuick Job version 2.4 suffers from an insecure direct object reference vulnerability.
ed619defcb18f94880d7fdc150758b05fc052d89b88cf6c32eda99ac714a326bPPDB ONLINE version 1.3 appears to suffer from an administrative page disclosure issue.
567512dc29f3191d46966af5a6dd1339474aa567f65e1c6564dccda43acadad3PHP MaXiMuS version 2.5.2 suffers from a cross site scripting vulnerability.
f7f012f0611c7ac312b6b0ad3df48db019ad64a1683b0a0e3c97146f444edd95NUKE SENTINEL version 2.5.2 suffers from a cross site scripting vulnerability.
04959e224e4d66c86926b38e058df306a652f0dbf3a13e5a864ba731b33ed47cMinfotech CMS version 2.0 suffers from a remote SQL injection vulnerability.
c70371f0daa1616ffe4fc66938a433e31d91535c9593510fb4fccef1fdbc587eeDesign CMS version 2.0 suffers from an insecure direct object reference vulnerability.
55a4eca00e7267d8d4d5cdd94c2b99447eef8059c06cab914a3401ebda7966f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed