Ubuntu Security Notice 6545-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
ed8f1270abdbd4bf7807cfa9dd7fc1ef9156b37591e7a5e6e09c1c6727c271f3WordPress Backup Migration plugin versions 1.3.7 and below suffer from a remote code execution vulnerability.
203e34e920d3b9a7fe4d03e187ec4eba212c533383031415d2c9a09ba3f9606cRed Hat Security Advisory 2023-7730-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
61b85ae2e691f9f55e53cb2b720c6b2d1753c975118cfb9b749df441e585077aRed Hat Security Advisory 2023-7725-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes.
ce2887c4aa6c3d380271fdd43ea09382303ba8eb1cb6f684ddd05e3193098874Red Hat Security Advisory 2023-7716-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
d3109a89a560cdaa260c574b07d6a406d5c23265e5bca754b5dfe3c4fdbd5f86Red Hat Security Advisory 2023-7715-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
bc42ce6fc4194047f76975d311d726d129355768f0240d627eb8cbf9db4bddfdRed Hat Security Advisory 2023-7714-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
3d26c4f99aebd1731f51d03f611a872f688dfd65f0f3c294529dd09f9a67a62bRed Hat Security Advisory 2023-7713-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
dec71fa9c65bfd3df5c642c927f61839c4694ef7fd60d905f2a511c0699b1124Red Hat Security Advisory 2023-7712-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.
cc6a6541d6428a24b54442ca94d86c83c60bd2d9e6cdee93935628db291c1901Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
6fae7b2aaaff25471cd4aad15ab381b34cbc82ff82460c7b982e9cea7bdbab4bWordPress Contact Form to Any API plugin versions 1.1.6 and below suffer from a cross site request forgery vulnerability.
03ad6d7bbc688e1d575a7df7d7cd83f2c669c4b661b09e12af2cd32fdee22ca6WordPress Bravo Translate plugin versions 1.2 and below suffer from a remote SQL injection vulnerability.
750d445c7417c2b636e7b6b368812a42a4f059377a25294366d7806ad1002d36WordPress TextMe SMS plugin versions 1.9.0 and below suffer from a cross site request forgery vulnerability.
12636a2dc4070f3d1cfb26da3b75729cf8565ae526a71999643abe245617aa7aUbuntu Security Notice 6544-1 - It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
9f2d15cd39eb8aa25961b37f885531e1ac117b562c6ee00429e116f924ee59f1Ubuntu Security Notice 6500-2 - USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update.
68a0cfeb1732f51717395adcb7e4d77d2b664517f161aa855e01969edfb3dce4Ubuntu Security Notice 6543-1 - It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service.
1b5f9ba1531b9c1ea795013be38479deba88a0032a72cacb68a8fb561038c4caRed Hat Security Advisory 2023-7711-03 - An update for apr is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
d68b3332e6c495eae279014532c2df390f3e2cd62a16db7cc3c647b3bdc6bf75Red Hat Security Advisory 2023-7710-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.12. Issues addressed include a privilege escalation vulnerability.
4e89f8f7651a9810f876dec5813ba86b156d36d066086078eef0b81450bd11fbRed Hat Security Advisory 2023-7709-03 - The components for Red Hat OpenShift for Windows Containers 8.1.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
4b5eaf4b2fd61ddad5b506d12cbe3158e1fd3213f401166f513fa4b8226b9c80Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
e628b4fab70edb4727715b23cf2931375a9f7685ac08f2c59ea498a178463a86libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof of concept exploits.
642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981aMicrosoft Defender API and PowerShell APIs suffer from an arbitrary code execution due to a flaw in powershell not handling user provided input that contains a semicolon.
fe92bef621155fd9c83158e63e2b87c27bed041ce6cc8df753d8ab75d5fcd6afISPConfig versions 4.2.11 and below suffer from a PHP code injection vulnerability in language_edit.php.
d5776b6c39736c11bc5b6ee2bae4179fb341f58ff08665b96718f64ac8b63242Ubuntu Security Notice 6542-1 - Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
7833a3fc04d517b6f475ed1d9dd3b655dec2114b56a64b23f172c1bc54cc487cosCommerce version 4 suffers from a remote SQL injection vulnerability.
62e3c86662a5a7dc80a64578c1e8e84e6137000a8e5c4faf36b2fef3dddbaf32
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed