Ubuntu Security Notice 6215-1 - It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code.
e07747602b73f33b12053c5b0f6288e13374cf58552fb34e05ce7cc97220714eRed Hat Security Advisory 2023-4023-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.
bb19060c56cc93ea5beaac41a5c092eb253d9dbee5e0c07a2273201586005b42Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
2fef250ae36f73a954e99af8aaef2cac84175b12dc6b4cc849e67a4d5f3c9eddMastery LMS version 1.2 suffers from a cross site scripting vulnerability.
df1ab19ed773ecb611e8af937577fa991f662db9c0116d936263bb36c1c15451Academy LMS version 5.15 suffers from a cross site scripting vulnerability.
1a65b4807d383e2ac0b1fd564132b36e9531df1b5cc8ffaebf45c7c7dbf452e9Red Hat Security Advisory 2023-4021-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
59320c11285257619cea8798e7d09a09f3476afd6318e4285d3b6553371d7d9dUbuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
632510b7ad5f4bba744eb7afbe58717906b3533fa418bcf6ffd3dc64704f32f6Articart version 2.0.1 suffers from cross site scripting and open redirection vulnerabilities.
0e86e54d6917acbb183a78372f92a8bb20086a464e6acf9ed136ea886cf3431eUbuntu Security Notice 6213-1 - It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code.
980d73e9a285a0e5a6edcac5abb3315820b523ac3246c06dad801f91c3f1d33bUbuntu Security Notice 6210-1 - It was discovered that Doorkeeper incorrectly performed authorization checks for public clients that have been previous approved. An attacker could potentially exploit these in order to impersonate another user and obtain sensitive information.
6f5ab1ae52118a0d7f658669b14b4e125dbbe2f9630d0760b486c4deed3f1ca9Kyocera TASKalfa 4053ci versions 2VG_S000.002.561 and below suffers from path traversal, user enumeration, and denial of service vulnerabilities.
8f98f61289398ff48410d29a031c0479bcf0c9c03755e429c829c920ebf3b6c3Red Hat Security Advisory 2023-4020-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
1dd27954c6021f4fbbb932ebb9b70b31bf610607999f58a892b6af68f9601b71Atlas Business Directory Listing version 2.13 suffers from cross site scripting vulnerabilities.
3d4e740d7ca1ead8559622b33cce977e4fb0d6fb03604bdc26f3e912185041a0OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
333ac831c8f1a6dbd7feb897339bba453ff34d3b0f4cfaa6b5a20dba55c8e985Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
4e18e755a8bbc6bf96fac916fbf072ecd06740c72a72017c27162e4c0b4725feRed Hat Security Advisory 2023-4022-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, privilege escalation, and use-after-free vulnerabilities.
6679354c1eb1ecd1b70d4eb5276fb3b001896f92d73908c889b857bcdc03154cDebian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
aee3d9fefef395cac30e6820e4b33f0372ca2db8f79144b43b8a2e3191d281b4Red Hat Security Advisory 2023-4005-02 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
f6223709ba384856ff3504cf0d138128c26d5610164ad777b49365b2338f0b65Ekushey Project Manager CRM version 5.0 suffers from a persistent cross site scripting vulnerability.
d883df1b66be0a46250b195c81625b32cebe6f15853d328c2844fc7dff341a52Red Hat Security Advisory 2023-4003-01 - As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site. Issues addressed include a denial of service vulnerability.
3dd00e84e0da1c5c1edeaa0a26bd971bfab3a639be101a9c1603c4b46458cfceSuper Store Finder version 3.6 suffers from a remote SQL injection vulnerability.
344ec2ac83687e8ff00e695b7ac4fcd6a8f5e96be25032a3053604d79e330859Red Hat Security Advisory 2023-4004-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
bb4930cafe5b0554ca3f0d5e3ffc47d4fdfe210a39dd5a81d610b8995f57c981QuickOrder version 6.3.7 suffers from a remote SQL injection vulnerability.
e6245218bb9ae091ac09d5355535bc84ae10dd1668c70492e0db7bfe5eef981bUbuntu Security Notice 6212-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
bd5d659fe3dcc152d1d36a6e0b13b981a2040167876fb3f43ab34e88dd762ec4Ateme TITAN File version 3.9 suffers from a server-side request forgery vulnerability that allows for file enumeration.
effb353a9f5359aa01480c360ee3c285aae8e678818f7d46c2f3644e50c4f925
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed