Debian Linux Security Advisory 4924-1 - Multiple denial of service vulnerabilities were discovered in the Squid proxy caching server.
bb078100916e24e9f6fab4cdffd1581bfb25135effcfd1ea0796c419492e9ab7Debian Linux Security Advisory 4925-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
09ec229ca6840202bfdbf708f98d63f641c195baf0610b351002f0358e983ebfDebian Linux Security Advisory 4926-1 - It was discovered that lasso, a library which implements SAML 2.0 and Liberty Alliance standards, did not properly verify that all assertions in a SAML response were properly signed, allowing an attacker to impersonate users or bypass access control.
08b4234df9f67ce6f83c65e4a968d07d2850e3fecb674a809062330aa85eaef6Debian Linux Security Advisory 4927-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In adddition two security issues were addressed in the OpenPGP support.
e0ff5e33191b62087e62de2b5a2c3cca3dcca60fb85771f7235a7b857d2bbe9dDebian Linux Security Advisory 4928-1 - A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which could potentially result in the execution of arbitrary code. In addition a number of crashes were addressed.
3adb57fed9a36d431320feca7d132e363d603300766a7e07b042afae3d855b4aDebian Linux Security Advisory 4929-1 - Multiple security issues were discovered in the Rails web framework which could result in denial of service.
1091a50f475f452b0b0e98ad4fba5c90bfa36bbf394db0cec250f9a1ae236f7dDebian Linux Security Advisory 4930-1 - Multiple vulnerabilities were discovered in libwebp, the implementation of the WebP image format, which could result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed images are processed.
076fcd6e03ca2eaad59debb93804cc23a1e47de27f0e9ebd6b36555e46e51cacDebian Linux Security Advisory 4931-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service or information leaks.
253cc2500792fc288b35ca43884dc8a6c704282897366ece804cdf0be5ad85a5Debian Linux Security Advisory 4932-1 - Multiple security vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could result in denial of service or spoofing.
18890b4acb8c50dc00ffb546ccde2e0a2dc9cfcb68bc471f1cfc92b5084e2dddDebian Linux Security Advisory 4933-1 - Multiple vulnerabilities were discovered in nettle, a low level cryptographic library, which could result in denial of service (remote crash in RSA decryption via specially crafted ciphertext, crash on ECDSA signature verification) or incorrect verification of ECDSA signatures.
2215cb9496006024c8f5c103dd9ae8a1ceb2a93d6d2ff478f20730eb50d664afDebian Linux Security Advisory 4934-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities which could result in privilege escalation in combination with VT-d and various side channel attacks.
2333b3dca40ab7a756d37096ebf7a8e5e4f9fd7e2cb4a90a65fe71679e34f909This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
fab2eeb88db6a1f9b11eed6c490a6ca021dd6f8237a47b405d41bd041a36af45Ubuntu Security Notice 4997-2 - USN-4997-1 fixed vulnerabilities in the Linux kernel for Ubuntu 21.04. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 21.04. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Various other issues were also addressed.
16f2c8cca9066cef3cbb8b6417110467cabb0932233c1b98fecf1f6a500fac6bConstructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
f9de4beeccabbbacc6f282a0c87fbb59cbf7fb3821fe1d204bf99e19e0bb2667WordPress YOP Polls plugin version 6.2.7 suffers from a persistent cross site scripting vulnerability.
37dfd8abad79e4b69350ef7295da874458a3b9b294f44696d84f80fef21ddd14Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload.
c9257cef037dacedb3db4a1a6b67bd2fc2ac61defffc09745ac32d35d356bbcbNetgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
f55265a3529db3a819eee1b0f00df0a280e909fc77f24c6ee5747d5c6d90f7d4Trojan-Dropper.Win32.Scrop.dyi malware suffers from an insecure permissions vulnerability.
b441fde6d9d688819e5a6d44c127c549633b249a0905d34d885c9ae37e5210fePersonnel Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2776b79bc1477dd0a9d6f3c66f393968ec921589928f2bb358a7296cf68a94b8This is a tool that was developed to run as alternative "/init". The program will make an Android phone show up as mass storage device during boot. The complete internal storage is available for reading including the partition table and all 42 partitions of the Android system.
26d0ccdaf2d09a37294e6090603335263cb221373194e10a191870af77f5fe23Email-Worm.Win32.Trance.a malware suffers from an insecure permissions vulnerability.
b7be52e55d136dca9ba0d96625eb0e3b7ad168eb430c19ccfa05d14f47f0ac2aWhitepaper called Smart Contract Automated Testing Guidelines that provides guidance on automation.
2637d58d1c7c59b0e8b57db8f391f84b9a001dcc6d498f48455236de4f4f2d0aAndroid version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
84eaa0c13185db927fae6be271159ea3fe9f56dcc09261d86facb183be5d57c7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed