Ubuntu Security Notice 6954-1 - Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. Xiao Lei discovered that QEMU did not properly handle certain memory operations when specific features were enabled, which could lead to a stack overflow. An attacker could potentially use this issue to leak sensitive information.
5c70c34349ef05f8fd57112b4c93197e6bf74e580c97f6d8cc62a176442cefd3WordPress MapFig Studio plugin versions 0.2.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
bb373228013ea4da17857eacb046e2ed58e688e52aab0abc39365db5b8ba412cDebian Linux Security Advisory 5743-2 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
5f8dfd77f70bc46b1b413f2ff2f11fba302881ec002792cfe6fc0a48263c564bThere is an architectural and design issue in Microsoft's PlayReady which can be successfully exploited to gain access to license server by arbitrary clients. The problem has its origin in flat certificate namespace / reliance on a single root key in PlayReady along with no authentication at the license server end by default (deemed as no bug by Microsoft).
ed22257eef3a2135b2af77d7c2f00a9ce66b0b7c3b3aefd2205eb5140d64e5c9Ubuntu Security Notice 6950-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
104ac502cb413414c029ce1afea7a7125c6a91b2c0b2f41ab80523d51200d7f0WordPress Profilepro plugin versions 1.3 and below suffer from a persistent cross site scripting vulnerability.
668088aaae0dfd4b8b6db629ceeb041239e3ddf9233ec6d6aa0f3004259f968cDebian Linux Security Advisory 5747-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
681fbead1045bb89c67ccc16ba3dc800a976b5fa19d6823e08cbfac850de4ba1WordPress Light Poll plugin versions 1.0.0 and below suffer from multiple cross site request forgery vulnerabilities.
426a33d39db525b60c4ea22023682e881dcccb43bcd8dfaaa2a6ff1157612ad1Ubuntu Security Notice 6957-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
1b6c671ad22c716b20a65f830f590ef38c4830f15665bdd63a827e4614b24266WordPress PVN Auth Popup plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
0f8377dd916fdca1fa0da6fa1d350a2c8fe955fa8474d24cf307c6f650dcf065Ubuntu Security Notice 6956-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
f464d432d9b36ce1075f907239578c853edeab79402ddca247833a78cc930be9Giftora version 1.0 suffers from a cross site request forgery vulnerability.
7071cbb4889154761d9ae9cf373afbb5f77faa3e9e23cfede27fd5c5a660ad25Gas Agency Management version 2022 suffers from a remote shell upload vulnerability.
6c17fe79de711c815f80f52c8d6759462e6a9f2dab8e22dd42f3f3547209332cUbuntu Security Notice 6955-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
f52294c61eaa6af90fd8451686e8bc506a5d1b65dae9073f40211e6668f02be8Farmacia Gama version 1.0 Farmacia Gama version 1.0 suffers from a cross site request forgery vulnerability.
54c9db8b6277d282699823fdb83ba0f1b4aa2c95b1aa9fef358765f2383e0613Employees Pay Slip PDF Generator System version 1.0 suffers from a cross site request forgery vulnerability.
2152f0c2adc29a0e29edd4a8aee7099d950ab129ab0cf9dee9ef2e0365f9d0a4Bakery Shop Management System version 1.0 suffers from a cross site request forgery vulnerability.
3654863058f09649db284f346cf2ee9501e70a9d157f569b64c35ba13742a4d1Red Hat Security Advisory 2024-5256-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include code execution, denial of service, and use-after-free vulnerabilities.
0364e1f848cca0714a4dedc20b2f74df3b16b5a14f26781a6806b7394a5ed821
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed