Ubuntu Security Notice 6375-1 - Florian Fainelli discovered that atftp did not properly manage requests made to a non-existent file, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service.
87b1f1f1cd62afaddbb90da46ad86bb39822267fa6b9071827444f7f89fa4966
Ubuntu Security Notice 6374-1 - It was discovered that Mutt incorrectly handled certain email header content. If a user were tricked into opening a specially crafted message, a remote attacker could possibly use this issue to cause a denial of service.
f43b9ca6702c797da3b9e1f477722006d1bff4f0b458560a502f8388d602dc5a
Ubuntu Security Notice 6373-1 - It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were tricked into opening a specially crafted input, an attacker could possibly use this issue to cause a denial of service.
e60ffba5f3bb81c9112e7d48cf85156e475a09fb25c3890104bb5881627d701c
Academy LMS version 6.2 suffers from a remote SQL injection vulnerability.
60ba8c76bd0eb02333720bc090002bd53b67764c699e854a6f33a627b1b3b8d9
Academy LMS version 6.2 suffers from a cross site scripting vulnerability.
ab903de4cac73d4180cfabab35569161b036616fb83e8fa267959be5f88f5dbe
Red Hat Security Advisory 2023-5175-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Issues addressed include a memory leak vulnerability.
a0644a1d0fab135233266c995fe3af9950bc821b3ce5fe9a79fee01d5f4cf347
Red Hat Security Advisory 2023-5174-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
2fdaa8b5f0dc250ed2da73afa69ef3e080f58dfd68093bf0794cf51de36bc34b
Ubuntu Security Notice 6372-1 - It was discovered that DBus incorrectly handled certain invalid messages. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
77950841454559f452cc580fd75cb7d9665da0eccce76f315f21b7a044614fa3
Ubuntu Security Notice 6371-1 - It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash.
ca1345180427317e7618f6a4891905034942360a30f8b0e5529ad75e8f192271
Red Hat Security Advisory 2023-5165-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. Issues addressed include code execution, denial of service, deserialization, and integer overflow vulnerabilities.
c7bacd29d694aaaaf457349ec19016b4d130ffc214bfce870fe209e62bdbdd3c
Red Hat Security Advisory 2023-5170-01 - This release of Red Hat build of Quarkus 2.13.8 includes security updates, bug fixes, and enhancements. Issues addressed include a bypass vulnerability.
b59326339c51d7463d80d6c1f1fb994ec210ef8d7661d8fdd5176a047f5caa6a
Ubuntu Security Notice 6370-1 - It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that ModSecurity incorrectly handled certain HTTP multipart requests. A remote attacker could possibly use this issue to bypass ModSecurity restrictions.
a91e67eee18472678e2846c574b2535bcfb24598bdbebf873cf85a058f9c8879
Ubuntu Security Notice 6369-1 - It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.
23ae9fc2ccef2354d52f28e5174597a4f02ca159a0c22d4bc315821b12043040
Italia Mediasky CMS version 2.0 suffers from a cross site scripting vulnerability.
40107ad7e0248b89ee4a5168b2f33468eea195398330a8429c3d55738f0a39e0
Italia Mediasky CMS version 2.0 suffers from a cross site request forgery vulnerability.
19566b085034b9506d451da2980c9823d53d965d9fe5e9ffba15004bb36d89ea
Chrome suffers from a read-only property overwrite in TurboFan.
339e46027cc8b8c66cb28ff3c463ad6c47cf6f8ffb6529887e6307d9537ad24c
A privilege escalation vulnerability exists in the clfs.sys driver which comes installed by default on Windows 10 21H2, Windows 11 21H2 and Windows Server 20348 operating systems. This Metasploit exploit module makes use of two different kinds of specially crafted .blf files.
9aa5ede2ea03c876775407f0098c013dfd3c503cc4ebb1ee7306284def339699
Ubuntu Security Notice 6368-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, perform cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit this to cause a denial of service or execute arbitrary code.
8d95e0118cdd19372dc4ff5235aa6a52784eef3641630f31f94c81a7e15db254
Red Hat Security Advisory 2023-5148-01 - Red Hat Integration Camel for Spring Boot 3.20.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass and denial of service vulnerabilities.
b0954fc421046b904362a64bc1355a62d0f65f3a440cff6f4d97de9a4d265f11
Debian Linux Security Advisory 5497-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.
ad3befb7b686c256583e0e50a04e1df3f0429d81b5b6fcaaa703680831a6ed3b
Ubuntu Security Notice 6367-1 - It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing a malicious WebP image file, an attacker could potentially exploit this to cause a denial of service or execute arbitrary code.
aaf87b74a4a839e647b2f99a873ab024401c6117b83f68855850111b917d2f7d
Red Hat Security Advisory 2023-5147-01 - A security update for Camel for Spring Boot 3.18.3.2 is now available. Issues addressed include bypass and denial of service vulnerabilities.
66396fdb7f1a3317d1bdabc7a31a25d0e1214a43a1cc54712ba36d28fdcd5a64
Debian Linux Security Advisory 5496-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.
c82c8662b4cb856cef00c651c37f65322490fdda603a29d98b698d651c861107
iSmile Soft CMS version 0.3.0 suffers from an add administrator vulnerability.
53c61e2d58e402521ca5973de27e7d6a518d7d159c7b44b1ce701814f8336b33
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6047c75f9e79a9b0cc6d6c7632024a4126812bc212f52acf5d3c813cc7c9fb0b