Ubuntu Security Notice 6715-1 - It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash.
90500728052033e5941baa0debec66d17de2cf01ce56e1158e2523b231aff382
Ubuntu Security Notice 6719-1 - Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information.
ca6568bf9c3d47e1fa51be307d45564e306e622e9860f212c34d8a91f5a5e9de
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
46bd0f4474337144b30816fb2d8f14e72a26d0391f24fe0b7b619acdcdad8c0c
Event Management version 1.0 suffers from a remote SQL injection vulnerability.
5135d01cd318616d2a8b1711363d2378d7b2686ffcd1083f2936d0248e4164fd
The util-linux wall command does not filter escape sequences from command line arguments. The vulnerable code was introduced in commit cdd3cc7fa4 (2013). Every version since has been vulnerable. This allows unprivileged users to put arbitrary text on other users' terminals, if mesg is set to y and wall is setgid. CentOS is not vulnerable since wall is not setgid. On Ubuntu 22.04 and Debian Bookworm, wall is setgid and mesg is set to y by default.
c3644f61b4f68f9fafd4782ffb69bd4b73d2b6ff8ac981711c3329c0a8408077
The 13th International Workshop on Cyber Crime, or IWCC, 2024 call for papers has been announced. It will take place July 30th through August 2nd, 2024 in Vienna, Austria.
1733e3ae10dcafe0a95572942e32ff6c6d0ff3ba67769c57dd88c93c006e53e6
The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection.
2a13323836730c890a63f333a24fcfb62637513c16193386327b7be986133bb0
Apple Security Advisory 03-25-2024-1 - Safari 17.4.1 addresses code execution and out of bounds write vulnerabilities.
f471ba7362f0f2b90319b73a7dc453ffcc58fe3527cb6cd08febf40e4748b5be
Red Hat Security Advisory 2024-1557-03 - An update is now available for Red Hat OpenShift Builds 1.0. Issues addressed include denial of service and traversal vulnerabilities.
d29131168c6739c5f0e4cc9ca1fc6e36a8598723c0d447439443d07a778f5f03
Red Hat Security Advisory 2024-1555-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
d54151bacb05204bba9e5815332d0b2dc57e10762149b6a53a140110b66a0156
Red Hat Security Advisory 2024-1554-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
83824ae558a589ad40270cf3400f18a45b628d62f041edcab023885a5dd3d023
Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability.
265530e02c210729e3640de0f5f23192ea5b21cae936f5ed87be61a93898f695
Red Hat Security Advisory 2024-1553-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
30063cb073472365838f87d661f1130cf3a33293c62da11e429b2ab2ba96dba0
Red Hat Security Advisory 2024-1552-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
32501da709d2c9da666f8fa0b5b3db3389b9ca903bc3a5b59b0f3095f927deea
Red Hat Security Advisory 2024-1549-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Issues addressed include a traversal vulnerability.
613d16768e9453ed32d3909631e18954f65e67b01b9f4224704d674f28b94e98
Red Hat Security Advisory 2024-1545-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
6d39b9eda6e5d29e0e08583b1035ea45733058060bd2b0ab5476fa86f07636dd
Red Hat Security Advisory 2024-1544-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
8d6947f4e3101dfe04b20bbb3ae830e7dfd57b406038e317ea2a6fc0f87e7bdb
Red Hat Security Advisory 2024-1543-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
acffe01fb5ff57defec5ec2a6269ed6386116513913de74d19d65127c368faff
Red Hat Security Advisory 2024-1538-03 - An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-must-gather NUMA-aware secondary scheduler, numaresources-operator is now available for Red Hat OpenShift Container Platform 4.12.
2a8ae5dc5326d3cae4397b5faa8148eb17d26e5c9b9db21409f3ff87f2656fcc
Ubuntu Security Notice 6686-5 - It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
2cf164acfc4647fa9f9d903eb698a241428bb60c804a90e576400594cbc4ac09
Apple Security Advisory 03-25-2024-2 - macOS Sonoma 14.4.1 addresses code execution and out of bounds write vulnerabilities.
aa1fea3125ddd9a33b68d4eb2f5f45f2cb316680beb32f3c34b1ae1698937f06
Purei CMS version 1.0 suffers from a remote SQL injection vulnerability.
49145a8ded157d117fc08cb54211098512a41f3d792bba94457249d4e633af9c
Workout Journal App version 1.0 suffers from a persistent cross-site scripting vulnerability.
4b4377b2f91858e8fe3f26542f71de50ed7f461bf1202b6e0d6ab51cb382144f
LMS PHP version 1.0 suffers from a remote SQL injection vulnerability.
049c8de17cf497bf303930585481eadeb964f519906d25f2f09f96d1d4f41c47
Asterisk AMI version 18.20.0 suffers from authenticated partial file content and path disclosure vulnerabilities.
616b45986a6e97b2ba327758ffa9a1c224a4e92e3b4968de364f6df455139bbc