Ubuntu Security Notice 5307-1 - Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10.
93c74c6aff190d655abe77b615cbb1fdb9e7fd27501547e3980eeee5e03af9e9Ubuntu Security Notice 5306-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
4707e6455db6e67f13deff36f5a237a548085e428fab6e3fa9ad01323dd3f307Casdoor version 1.13.0 suffers from a remote SQL injection vulnerability.
93062cdead6d8c30acd5f911a8c586515a0dee480dc4c1ced674d065a997669bUbuntu Security Notice 5305-1 - Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
815bfa1ab915305e12d2a8aa42fa36c26e97c9bb08144e2f919e5d498502d721Cipi Control Panel version 3.1.15 suffers from a cross site scripting vulnerability.
868be8a473f07ef8b17ba1fb7a561625c3b8913ea800d024beeb177f822e4165Ubuntu Security Notice 5304-1 - Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service.
d4fe0dc859ca9f481562f7719091c3c6f63d05c071bed985bd5ecb5558850e9cWAGO 750-8212 PFC200 G2 2ETH RS suffers from a privilege escalation vulnerability.
be01109a1136b5015b1371e991c44772c948affadfbeb6d826fffcd6d452fad3Ubuntu Security Notice 5303-1 - It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
eac3ef8542d9946db383117234b5345b135eed10bf4036c82db688ec31e6cf88Cobian Backup Gravity version 11.2.0.582 suffers from an unquoted service path vulnerability.
64e3a74be268225c622d589847ccf65815d277873fde892561818f6632661f33Cobian Backup 11 Gravity version 11.2.0.582 suffers from a denial of service vulnerability.
7cc796f5d2b9ff46619e6c2311da217d3c4465a40bc7151cf9164d8b4ee7cfefCobian Reflector version 0.9.93 RC1 suffers from a denial of service vulnerability.
06a66f18fc87a716d53e8170ada3441809054f1c9b46c353c76ccff80db6f707Red Hat Security Advisory 2022-0682-01 - OpenShift GitOps v1.3.4 on OCP 4.7-4.9 Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.
2a065937d0d658441015a3945dc5716db5be87649f22c19ccb83de2aa84dafafWhitepaper called PE Infection that discusses portable execution injection and exploitation. Written in Arabic.
e0534cb924c64a357ac0fc2ed8a017fc1a7e5701279ab670c791cde630d32ab9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed