Ubuntu Security Notice 6954-1 - Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. Xiao Lei discovered that QEMU did not properly handle certain memory operations when specific features were enabled, which could lead to a stack overflow. An attacker could potentially use this issue to leak sensitive information.
5c70c34349ef05f8fd57112b4c93197e6bf74e580c97f6d8cc62a176442cefd3
WordPress MapFig Studio plugin versions 0.2.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
bb373228013ea4da17857eacb046e2ed58e688e52aab0abc39365db5b8ba412c
Debian Linux Security Advisory 5743-2 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
5f8dfd77f70bc46b1b413f2ff2f11fba302881ec002792cfe6fc0a48263c564b
There is an architectural and design issue in Microsoft's PlayReady which can be successfully exploited by arbitrary clients to gain access to the license server. The problem has its origin in the flat certificate namespace / reliance on a single root key in PlayReady, along with no authentication at the license server end by default (deemed as no bug by Microsoft).
ed22257eef3a2135b2af77d7c2f00a9ce66b0b7c3b3aefd2205eb5140d64e5c9
Ubuntu Security Notice 6950-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
104ac502cb413414c029ce1afea7a7125c6a91b2c0b2f41ab80523d51200d7f0
WordPress Profilepro plugin versions 1.3 and below suffer from a persistent cross site scripting vulnerability.
668088aaae0dfd4b8b6db629ceeb041239e3ddf9233ec6d6aa0f3004259f968c
Debian Linux Security Advisory 5747-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
681fbead1045bb89c67ccc16ba3dc800a976b5fa19d6823e08cbfac850de4ba1
WordPress Light Poll plugin versions 1.0.0 and below suffer from multiple cross site request forgery vulnerabilities.
426a33d39db525b60c4ea22023682e881dcccb43bcd8dfaaa2a6ff1157612ad1
Ubuntu Security Notice 6957-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
1b6c671ad22c716b20a65f830f590ef38c4830f15665bdd63a827e4614b24266
WordPress PVN Auth Popup plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
0f8377dd916fdca1fa0da6fa1d350a2c8fe955fa8474d24cf307c6f650dcf065
Ubuntu Security Notice 6956-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
f464d432d9b36ce1075f907239578c853edeab79402ddca247833a78cc930be9
Giftora version 1.0 suffers from a cross site request forgery vulnerability.
7071cbb4889154761d9ae9cf373afbb5f77faa3e9e23cfede27fd5c5a660ad25
Gas Agency Management version 2022 suffers from a remote shell upload vulnerability.
6c17fe79de711c815f80f52c8d6759462e6a9f2dab8e22dd42f3f3547209332c
Ubuntu Security Notice 6955-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
f52294c61eaa6af90fd8451686e8bc506a5d1b65dae9073f40211e6668f02be8
Farmacia Gama version 1.0 suffers from a cross site request forgery vulnerability.
54c9db8b6277d282699823fdb83ba0f1b4aa2c95b1aa9fef358765f2383e0613
Employees Pay Slip PDF Generator System version 1.0 suffers from a cross site request forgery vulnerability.
2152f0c2adc29a0e29edd4a8aee7099d950ab129ab0cf9dee9ef2e0365f9d0a4
Bakery Shop Management System version 1.0 suffers from a cross site request forgery vulnerability.
3654863058f09649db284f346cf2ee9501e70a9d157f569b64c35ba13742a4d1
Red Hat Security Advisory 2024-5256-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include code execution, denial of service, and use-after-free vulnerabilities.
0364e1f848cca0714a4dedc20b2f74df3b16b5a14f26781a6806b7394a5ed821