Ubuntu Security Notice 5489-1 - Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. It was discovered that QEMU incorrectly handled NVME controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
5e7afcf473dc350167fc86323143e719c2f4a10a84ed04040691851b4e79d4b6Ubuntu Security Notice 5488-1 - Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run.
5a9ce5992671e1b5986783112d991cf1a7ac72fd0b20a0774485aa00e5df67c0SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a directory traversal vulnerability.
21f7a32eca5fb5a3b8445fec64e7ee2ee32522fbdc628503458df594e9a7032bSAP Focused Run Simple Diagnostics Agent version 1.0 suffers from an information disclosure vulnerability.
e6bbb17d10e51c2a6468f2275ea1b37f96888236eb62d3802793851e50ffdccdThe SAP Fiori launchpad suffers from a cross site scripting vulnerability. Various component versions are affected.
db47646a2f3d2bb8348e08cb11a244ee0d30ad7a58eb9df5ec57aa33b272ac5dSAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a missing authentication vulnerability.
5c8014f4a69c7fe9a551e4725cc39d20b7a332930fd0b9c44139ca795ce4f0e4SAP Focused Run versions 2.00 and 3.00 suffer from a cross site scripting vulnerability.
2277fba0775e46b0814879b36b6340c560ce3825acdc9d2a5bff7b238e6c20e9OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
bf61b62aaa66c7c7639942a94de4c9ae8280c08f17d4eac2e44644d9fc8ace6fUbuntu Security Notice 5487-1 - It was discovered that Apache HTTP Server mod_proxy_ajp incorrectly handled certain crafted request. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash or expose sensitive information.
860ae55cf114ac7087a571ee5ee1f0fecc2575519481edd586ad7e933ae883adRed Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.
bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07OpenSSL Security Advisory 20220621 - In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review.
a632f42aad9bc1de330d7aef358f76b215a0921218449031cf1f2077b68dff3a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed