Debian Linux Security Advisory 5560-1 - Florian Picca reported a bug the charon-tkm daemon in strongSwan an IKE/IPsec suite.
5a1f2db0cf804134a1732977a4abea781e62ddaade859b0bb3eda79fe9c3e42dUbuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d35bfaa2f5bcc9080ab733d02c9fe09161108b6505edc3ee149515eb5f62da3aUbuntu Security Notice 6488-1 - Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
7ffb104625b55bdf8d0c050ca960b947b669a817f6f1d3a5c481c108244fc04dUbuntu Security Notice 6489-1 - Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys.
2724168d9400370e70a75b1ac8a5bba75de31f472f668121cf09fd02fe969e3cRed Hat Security Advisory 2023-7379-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
10af29b2ee571cfdc73109a090a81253b129ea2deaccb532ab757bfaaa1448caRed Hat Security Advisory 2023-7361-01 - An update for ncurses is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
f626c64145e50b386c449df8eca2347adbea2ffa0864abfe30d31b9a5796b8aeUbuntu Security Notice 6487-1 - Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service.
9cc9f38ae6308173c22d92fc8859b403636eeb52e789ea698e5b0d9b2fea95b2Ubuntu Security Notice 6486-1 - It was discovered that iniParser incorrectly handled certain files. An attacker could possibly use this issue to cause a crash.
696ec1126cd2a867e851ba347e36ba4eae92a6cda600ce175f198109bc753a31Debian Linux Security Advisory 5559-1 - A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code.
f53cfd0c26249d59a5bc7c2d494baef81ce35819cea5f655aec41b69b294b168Debian Linux Security Advisory 5558-1 - Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework.
23d44cf0ae6f714d7e561de1cde1502c1854f5a0c48f997685f74b83329351c0Magento version 2.4.6 XSLT server-side injection proof of concept exploit.
ae81950e2fc15cf464a8175e05b574b8b5b2ed4aba982fabb1e7d86affd1d181PHPJabbers Availability Booking Calendar version 5.0 suffers from multiple cross site scripting vulnerabilities.
7cf4da384ddf91888b28e80ca91dd483868925ffa51a0fa47fb2f70b641bd891PHPJabbers Availability Booking Calendar version 5.0 suffers from a CSV injection vulnerability.
1a5e47cc48a53b2f6ce24557ed61fc375f9844fd5715973020417e71993dcae0GaatiTrack Courier Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
69b4c989295e684f41164bf1381739b3ef737b45c20dc3c3a37046d2d3811dbdJorani Leave Management System version 1.0.2 suffers from a host header injection vulnerability.
bc2711283c28607516dfbaa6255081510178e2b648e462fc258213b1a077942bFireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution.
df34e619c87b7e586946acac49e63f30ac9fb2932315a44429238bc3e51eb867Shuttle Booking Software version 2.0 suffers from multiple persistent cross site scripting vulnerabilities.
0de1511989924034ad40508fd410e62fa8897b9c0b905b4404ade0b31b19452aRed Hat Security Advisory 2023-7345-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
7f590d3a92f6ce15ac98a79e4571a8c30ee7f3e6aff78e8619d203362f7d12b5Red Hat Security Advisory 2023-7344-01 - An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
0e97dfb4dff737d1e8128de6c336e92e6dc73608eb82205c29dbbe035eb30750Red Hat Security Advisory 2023-6837-01 - Red Hat OpenShift Container Platform release 4.14.2 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.
033165e28f7bf20dbc03dbc4965a99c19056dfd29e4ba7b76a2b3dcc4109c0cfWebfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
724c22317e7ce1e7013ae1b752c091860a18eae1c3aa2a3edb49c88616e8824bUbuntu Security Notice 6485-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang , gain access to sensitive information or possibly escalate their privileges.
34400a8514f637a776a7cfed865888aec2c25dbd2d4592b6ab4923b2c7175934Debian Linux Security Advisory 5557-1 - WebKitGTK has vulnerabilities. Junsung Lee discovered that processing web content may lead to a denial-of-service. An anonymous researcher discovered that processing web content may lead to arbitrary code execution.
710c12a392c1608d028476cf8738b50a4006dbed3c4673fef485996272d5642cMagento version 2.4.6 suffers from an XSLT server side injection vulnerability that allows for remote command execution.
f9be4bd2cd3a935d1b1911f4dc66750b1b4e10e9f0e0a5d9921fedffe77d7f52Red Hat Security Advisory 2023-7342-01 - An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 4.11. Secondary scheduler builds and numaresources-operator are also available for technical preview with this release, however they are not intended for production.
91e828fcb5b05d38eb43d43dbf732dd801ef1a0b0edf1c0214fc80ad7fcb45a6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed