Debian Linux Security Advisory 5560-1 - Florian Picca reported a bug in the charon-tkm daemon in strongSwan, an IKE/IPsec suite.
5a1f2db0cf804134a1732977a4abea781e62ddaade859b0bb3eda79fe9c3e42d
Ubuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d35bfaa2f5bcc9080ab733d02c9fe09161108b6505edc3ee149515eb5f62da3a
Ubuntu Security Notice 6488-1 - Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
7ffb104625b55bdf8d0c050ca960b947b669a817f6f1d3a5c481c108244fc04d
Ubuntu Security Notice 6489-1 - Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys.
2724168d9400370e70a75b1ac8a5bba75de31f472f668121cf09fd02fe969e3c
Red Hat Security Advisory 2023-7379-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
10af29b2ee571cfdc73109a090a81253b129ea2deaccb532ab757bfaaa1448ca
Red Hat Security Advisory 2023-7361-01 - An update for ncurses is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
f626c64145e50b386c449df8eca2347adbea2ffa0864abfe30d31b9a5796b8ae
Ubuntu Security Notice 6487-1 - Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service.
9cc9f38ae6308173c22d92fc8859b403636eeb52e789ea698e5b0d9b2fea95b2
Ubuntu Security Notice 6486-1 - It was discovered that iniParser incorrectly handled certain files. An attacker could possibly use this issue to cause a crash.
696ec1126cd2a867e851ba347e36ba4eae92a6cda600ce175f198109bc753a31
Debian Linux Security Advisory 5559-1 - A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code.
f53cfd0c26249d59a5bc7c2d494baef81ce35819cea5f655aec41b69b294b168
Debian Linux Security Advisory 5558-1 - Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework.
23d44cf0ae6f714d7e561de1cde1502c1854f5a0c48f997685f74b83329351c0
Magento version 2.4.6 XSLT server-side injection proof of concept exploit.
ae81950e2fc15cf464a8175e05b574b8b5b2ed4aba982fabb1e7d86affd1d181
PHPJabbers Availability Booking Calendar version 5.0 suffers from multiple cross site scripting vulnerabilities.
7cf4da384ddf91888b28e80ca91dd483868925ffa51a0fa47fb2f70b641bd891
PHPJabbers Availability Booking Calendar version 5.0 suffers from a CSV injection vulnerability.
1a5e47cc48a53b2f6ce24557ed61fc375f9844fd5715973020417e71993dcae0
GaatiTrack Courier Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
69b4c989295e684f41164bf1381739b3ef737b45c20dc3c3a37046d2d3811dbd
Jorani Leave Management System version 1.0.2 suffers from a host header injection vulnerability.
bc2711283c28607516dfbaa6255081510178e2b648e462fc258213b1a077942b
FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution.
df34e619c87b7e586946acac49e63f30ac9fb2932315a44429238bc3e51eb867
Shuttle Booking Software version 2.0 suffers from multiple persistent cross site scripting vulnerabilities.
0de1511989924034ad40508fd410e62fa8897b9c0b905b4404ade0b31b19452a
Red Hat Security Advisory 2023-7345-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
7f590d3a92f6ce15ac98a79e4571a8c30ee7f3e6aff78e8619d203362f7d12b5
Red Hat Security Advisory 2023-7344-01 - An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
0e97dfb4dff737d1e8128de6c336e92e6dc73608eb82205c29dbbe035eb30750
Red Hat Security Advisory 2023-6837-01 - Red Hat OpenShift Container Platform release 4.14.2 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.
033165e28f7bf20dbc03dbc4965a99c19056dfd29e4ba7b76a2b3dcc4109c0cf
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
724c22317e7ce1e7013ae1b752c091860a18eae1c3aa2a3edb49c88616e8824b
Ubuntu Security Notice 6485-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang, gain access to sensitive information or possibly escalate their privileges.
34400a8514f637a776a7cfed865888aec2c25dbd2d4592b6ab4923b2c7175934
Debian Linux Security Advisory 5557-1 - WebKitGTK has vulnerabilities. Junsung Lee discovered that processing web content may lead to a denial-of-service. An anonymous researcher discovered that processing web content may lead to arbitrary code execution.
710c12a392c1608d028476cf8738b50a4006dbed3c4673fef485996272d5642c
Magento version 2.4.6 suffers from an XSLT server side injection vulnerability that allows for remote command execution.
f9be4bd2cd3a935d1b1911f4dc66750b1b4e10e9f0e0a5d9921fedffe77d7f52
Red Hat Security Advisory 2023-7342-01 - An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 4.11. Secondary scheduler builds and numaresources-operator are also available for technical preview with this release; however, they are not intended for production.
91e828fcb5b05d38eb43d43dbf732dd801ef1a0b0edf1c0214fc80ad7fcb45a6