Ubuntu Security Notice 6545-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
ed8f1270abdbd4bf7807cfa9dd7fc1ef9156b37591e7a5e6e09c1c6727c271f3
WordPress Backup Migration plugin versions 1.3.7 and below suffer from a remote code execution vulnerability.
203e34e920d3b9a7fe4d03e187ec4eba212c533383031415d2c9a09ba3f9606c
Red Hat Security Advisory 2023-7730-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
61b85ae2e691f9f55e53cb2b720c6b2d1753c975118cfb9b749df441e585077a
Red Hat Security Advisory 2023-7725-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes.
ce2887c4aa6c3d380271fdd43ea09382303ba8eb1cb6f684ddd05e3193098874
Red Hat Security Advisory 2023-7716-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
d3109a89a560cdaa260c574b07d6a406d5c23265e5bca754b5dfe3c4fdbd5f86
Red Hat Security Advisory 2023-7715-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
bc42ce6fc4194047f76975d311d726d129355768f0240d627eb8cbf9db4bddfd
Red Hat Security Advisory 2023-7714-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
3d26c4f99aebd1731f51d03f611a872f688dfd65f0f3c294529dd09f9a67a62b
Red Hat Security Advisory 2023-7713-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
dec71fa9c65bfd3df5c642c927f61839c4694ef7fd60d905f2a511c0699b1124
Red Hat Security Advisory 2023-7712-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.
cc6a6541d6428a24b54442ca94d86c83c60bd2d9e6cdee93935628db291c1901
Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
6fae7b2aaaff25471cd4aad15ab381b34cbc82ff82460c7b982e9cea7bdbab4b
WordPress Contact Form to Any API plugin versions 1.1.6 and below suffer from a cross-site request forgery vulnerability.
03ad6d7bbc688e1d575a7df7d7cd83f2c669c4b661b09e12af2cd32fdee22ca6
WordPress Bravo Translate plugin versions 1.2 and below suffer from a remote SQL injection vulnerability.
750d445c7417c2b636e7b6b368812a42a4f059377a25294366d7806ad1002d36
WordPress TextMe SMS plugin versions 1.9.0 and below suffer from a cross-site request forgery vulnerability.
12636a2dc4070f3d1cfb26da3b75729cf8565ae526a71999643abe245617aa7a
Ubuntu Security Notice 6544-1 - It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
9f2d15cd39eb8aa25961b37f885531e1ac117b562c6ee00429e116f924ee59f1
Ubuntu Security Notice 6500-2 - USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update.
68a0cfeb1732f51717395adcb7e4d77d2b664517f161aa855e01969edfb3dce4
Ubuntu Security Notice 6543-1 - It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service.
1b5f9ba1531b9c1ea795013be38479deba88a0032a72cacb68a8fb561038c4ca
Red Hat Security Advisory 2023-7711-03 - An update for apr is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
d68b3332e6c495eae279014532c2df390f3e2cd62a16db7cc3c647b3bdc6bf75
Red Hat Security Advisory 2023-7710-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.12. Issues addressed include a privilege escalation vulnerability.
4e89f8f7651a9810f876dec5813ba86b156d36d066086078eef0b81450bd11fb
Red Hat Security Advisory 2023-7709-03 - The components for Red Hat OpenShift for Windows Containers 8.1.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
4b5eaf4b2fd61ddad5b506d12cbe3158e1fd3213f401166f513fa4b8226b9c80
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
e628b4fab70edb4727715b23cf2931375a9f7685ac08f2c59ea498a178463a86
libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners uses libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof-of-concept exploits.
642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981a
Microsoft Defender API and PowerShell APIs suffer from an arbitrary code execution vulnerability due to a flaw in PowerShell not handling user-provided input that contains a semicolon.
fe92bef621155fd9c83158e63e2b87c27bed041ce6cc8df753d8ab75d5fcd6af
ISPConfig versions 4.2.11 and below suffer from a PHP code injection vulnerability in language_edit.php.
d5776b6c39736c11bc5b6ee2bae4179fb341f58ff08665b96718f64ac8b63242
Ubuntu Security Notice 6542-1 - Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
7833a3fc04d517b6f475ed1d9dd3b655dec2114b56a64b23f172c1bc54cc487c
osCommerce version 4 suffers from a remote SQL injection vulnerability.
62e3c86662a5a7dc80a64578c1e8e84e6137000a8e5c4faf36b2fef3dddbaf32