BuilderRevengeRAT malware suffers from an XML injection vulnerability.
06a92cf3af2d7b768b41124661cc8658f6968b3e8ec5c7146d96230740e94053BuilderTorCTPHPRAT.b malware suffers from a cross site scripting vulnerability.
779a908026b59c1d0d2da3bab29188b2991ccfc898abdde62fde7f5db4c324fdBuilderTorCTPHPRAT.b malware suffers from a remote shell upload vulnerability.
8d9733d7274cdde0224260ece29f51a55b6d7dc7257578b1d353537b3ef2564aBuilderTorCTPHPRAT.b malware suffers from an insecure credential storage vulnerability.
203fbae5aaabf6e66aaddd76921835bee00a8725b58452044e089096ea5536c1BuilderPandoraRat.b malware suffers from an insecure credential storage vulnerability.
61e113c4979d768d734db50bb3f560d5dfe979415f3594bf7a62a20ce4ea172cBuilderOrcus malware suffers from an insecure credential storage vulnerability.
d75cda177fb441302f965cc6a7ac1f78a67e43c5d0108d73b9e23d587d7a3b2aBuilderOrcus malware suffers from an insecure permissions vulnerability.
08adfd4633b5340f5bce1887d957ff28212c57fa79290f3efea850e8aeb3c856Ubuntu Security Notice 5332-2 - USN-5332-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results.
2f3ab2b25a5365754856567ac7615085ba1c28af5d61f95f915e56f92bb1c7d2Ubuntu Security Notice 5333-1 - Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. James Kettle discovered that the Apache HTTP Server incorrectly closed inbound connection when certain errors are encountered. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
f2274ed91214f319945db9e54998b586f4f769e3c012a411aff68bc284d9cb14Ubuntu Security Notice 5332-1 - Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10.
a4994aaa2841edfa08cf6a3ec7db1b8502e811fd0d2b3e850e50b578b1dbc1caUbuntu Security Notice 5321-2 - USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu.
5cc72ee019e90ddd67ed3c7447dd4af9639169738d4fbe29753f159b6c6a8f42Ubuntu Security Notice 5334-1 - It was discovered that man-db incorrectly handled permission changing operations in its daily cron job, and was therefore affected by a race condition. An attacker could possibly use this issue to escalate privileges and execute arbitrary code.
add317a5b70e25176f9c2f5d18c0835076f10094c0aa267e733a69d170fd2acdUbuntu Security Notice 5326-1 - It was discovered that FUSE is susceptible to a restriction bypass flaw on a system that has SELinux active. A local attacker with non-root privileges could mount a FUSE file system that is accessible to other users and trick them into accessing files on that file system, which could result in a Denial of Service or other unspecified conditions.
0f13d64ecbaa2b12059bb1588f8db131119cf3c35938ac23b6462cd8d6c0c8f5Red Hat Security Advisory 2022-0947-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the RHEL-8-CNV-4.10 OpenShift Virtualization 4.10.0 image.
a6829f504163c2976b89323d7274bcd4bc10d8262623c4c22f6c4f1daf8b83b0Red Hat Security Advisory 2022-0952-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration. Issues addressed include double free and null pointer vulnerabilities.
86ceff5e7e7fd2da1b1c3865f29341899cabbe6d105ac24e4c67a2d2676d4fe5Red Hat Security Advisory 2022-0951-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.
336212c2c1cb70fe9f9cf1cc5dea09e7417703255f38a4eecbdee96db3af464eRed Hat Security Advisory 2022-0949-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a privilege escalation vulnerability.
00bbedfca2719402988db3dae344606e583bd998eeab1e6422935f31fa12ce35
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed