Ubuntu Security Notice 6912-1 - James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and escalate privileges.
e0dbb950650ffee9227bc95e04f82d63498894eebd4019dc3c14308edd63d54fGentoo Linux Security Advisory 202407-28 - A vulnerability has been discovered in Freenet, which can lead to deanonymization due to path folding. Versions greater than or equal to 0.7.5_p1497 are affected.
b874781e75809fcfce304bd0bd15cf7011b804983702419e24541daec542188bGentoo Linux Security Advisory 202407-27 - Multiple vulnerabilities have been discovered in ExifTool, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 12.42 are affected.
70b2c3a2a8c960c71bcd4a2608a6410fd215532ae908cfca040c366b7b0a7175Ubuntu Security Notice 6906-1 - It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue to cause a denial of service.
1a62349ae29e7d79554a4ffcd79d5f0ffd879f7828af8cd95227ea5825dabd0bSIM Wisuda version 1.0 suffers from an insecure direct object reference vulnerability.
7fed84c74a95aca63927ebf377895e9a07606b145886012809d45f932101a348SLiMS CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
40690990f8e7a9d69ac2a7722849376b960091b3430423c391d36914318f58b7Ubuntu Security Notice 6910-1 - Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Peter Stoeckli discovered that Apache ActiveMQ incorrectly handled hostname verification. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS.
2ae146c10db1dd391dc98c4fa06a3252bd241865630bfb4113b9433bc4f68d29Ubuntu Security Notice 6530-2 - Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character. A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules.
58168a762eb0c9cf33ac4f136c917cd582ae33ea9ebf9c0389eb492248ad3eccStarTask CRM version 1.9 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6e2fd2cbf7c7bffe7c302d4b461bf6f489fbda9665b18dc56c36e3c574b89861UBM CMS version 1.2 suffers from an insecure direct object reference vulnerability.
ca7cdb66f2dc41183a9aa7df2672ee5767e95408be450748fad9f7991aa97729Ubuntu Security Notice 6907-1 - Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service.
9c136fbdc40fa780322300ff78d451d018ef8f0e38ed960fa3d82de437e9c749TAIF LMS version 5.8.0 suffers from a remote shell upload vulnerability.
ba349faa2be4ef714aa164c5655faad9e8a44e970f5e25e60f66cee08f658427Gentoo Linux Security Advisory 202407-26 - A vulnerability has been discovered in Dmidecode, which can lead to privilege escalation. Versions greater than or equal to 3.5 are affected.
60e696031c25789dc73777144ea1e004dcb8f6420ee81844e6af977cda1ba447Ubuntu Security Notice 6911-1 - Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.
8f717bc82952c168a0370701143e28cfffe9992338fcaf85126f67a805e5c78eUbuntu Security Notice 6908-1 - It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code.
7726e75bbe7b39bbdc84999efb427741b22bbfa118702c92655b75b6eafddeefVencorp version 2.1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1efa85ad70e114a1d0f8dac25bda7b473b55d33338cbdef57caf77c451658123Webdenim AppUI version 1.0 suffers from an insecure direct object reference vulnerability.
3418251e6b23a29fe38369d103a67d4c4c7e084f78a767a8b4660ce397493457Ubuntu Security Notice 6909-1 - It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
306da0210b1902b737e1fa55bad21112997cf1e927d3439a48d391e725b8de48Red Hat Security Advisory 2024-4779-03 - An update for python3 is now available for Red Hat Enterprise Linux 9.
5e4fde04b6509c0f75db95e351d3c0b39a614b0e638863e55983d8e33e9da52bRed Hat Security Advisory 2024-4776-03 - An update for cups is now available for Red Hat Enterprise Linux 9.
d89bc212ad7799d2c619bc32e3ae3aa2d2f73aa653e55f76c564176979afa9f0Red Hat Security Advisory 2024-4774-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.
7a86bad3e1c41138d2d391d59a6b0f0d844eee195b29529c11ca3ac52e5afc41Red Hat Security Advisory 2024-4766-03 - An update for python3 is now available for Red Hat Enterprise Linux 9.
a5605b55a9d7b6936d66aa5ca4e3f1a5e06c020412e47f3799525716c5c5b048Red Hat Security Advisory 2024-4762-03 - An update for runc is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
0c2f6f6f83deed431efe0ea68a94a76a8ee68b84da400d49cc1f8580a3d93126Red Hat Security Advisory 2024-4761-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
518eb50066c2d4cfda49c6888a19313eb7982e56af1a991a5320fec23c6fbfa1Red Hat Security Advisory 2024-4757-03 - An update for libvirt is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
791358d78547fbdfa6aef1937437d97deaee9956bc41ea04b0e20efcf5b2f77f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed