Red Hat Security Advisory 2023-1479-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
f8d79d3bdce21e3df66b2991b5745ddf3b6bd31b8d8e621519f240fc125bfaafBoxBilling versions 4.22.1.55 and below suffer from a remote code execution vulnerability.
6e59fbe468fead5a4191e76bf74361a19de1ba2b8e6b5604dcfb35095342aea9Apple Security Advisory 2023-03-27-3 - macOS Ventura 13.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
cb75f6c37534e8f4215e6f7a345a9fb3a56b1318a90f16c63dcb93ae4ed9d148Tapo C310 RTSP server version 1.3.0 suffers from an unauthorized video stream access vulnerability.
170c044bd6bcf23ff4b350fe2720d26d25aed6bdfb18705b917219f671e010bfApple Security Advisory 2023-03-27-2 - iOS 15.7.4 and iPadOS 15.7.4 addresses code execution, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
727ce864b571911a1db87fd1c22cd9afa9aa45d6cc5ac3fb120d696344962c24Ubuntu Security Notice 5975-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
55a2fbec6479385655d2d83595dfcf36b5ab0bc7b371d27631fa268db1102ed8SugarSync version 4.1.3 suffers from an unquoted service path vulnerability.
55037f9fc378999b0dd446661454b26aeb67331ad993ac4257ddc722d63c67adHDD Health version 4.2.0.112 suffers from an unquoted service path vulnerability.
8393ec9706e83a38f5916ad915dd9562d1746a32ea7f14558160f4963089113eUbuntu Security Notice 5974-1 - It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
7ea27cb3a38cff5a0c8bad949c6dd1e461ab1eb50381661f2ce89696c5df6f0cWordPress Jetpack plugin version 11.4 suffers from a cross site scripting vulnerability.
3ceaf797647de4108f92a76d5b936b7c111f3523b7c04d5ea66e199a17b6c652Red Hat Security Advisory 2023-1408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.9. Issues addressed include an out of bounds read vulnerability.
d349eaedb9842fdb1354c03756e40a23009660fcf59f41703437c054900a73ccOnline Shopping System Advanced version 1.0 suffers from code execution, cross site scripting, and remote SQL injection vulnerabilities.
d016e73da19bd9b2b318eea4c377983be13ee45418a1cb5e83aed5c8218cce71Apple Security Advisory 2023-03-27-1 - iOS 16.4 and iPadOS 16.4 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
7cf02a5429f677335b3e85e292f307419d32759e73ffd0964b3e10037f9e4867Ubuntu Security Notice 5973-1 - It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass input validation. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
57c8ab2dff3d2904d378629565d2b4364871c8c8700c2c0e611678d09e4d6277SuperMailer version 11.20 suffers from a denial of service vulnerability.
fce09fe1e664b145fb82d4610710f0b790baf06694c3c787181354d57cf07c1bYouPHPTube versions 7.8 and below suffer from local file inclusion and directory traversal vulnerabilities.
fb3e42eecf910a2436823c9d614a4b6500e8b3b9637e0652a2e73e9fc8287070Beauty Salon version 1.0 suffers from a remote shell upload vulnerability.
83176cdbc6fac7bfcb64ea33d5b87412f89dd2c6fd208487f141a3594ec380e1OpenSSL Security Advisory 20230328 - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Other issues were also addressed.
45f093de13d28951a80600fc57f75878cc0706b4029a8f138eace8cbf3ce7b22
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed