Ubuntu Security Notice 6903-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Ronald Crane discovered that Thunderbird did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service.
ef4b61c19ba1cf89ba89cd01bfc4d81fcf08875ddab9da8ccaa5a0275782a54cAdobe Commerce and Magento Open Source are affected by an XML injection vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. Versions Affected include Adobe Commerce and Magento Open Source 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8, and earlier. This exploit uses the arbitrary file reading aspect of the issue to impersonate a user.
6dc2631d3032a832f090c548531e8b8f77ef41c5778c811973c0342b99b373e0Xhibiter NFT Marketplace version 1.10.2 suffers from a cross site scripting vulnerability.
a7a598cb46f77d150039a39dbd055a562324f7c75d337f3dfdd9ed322b34d82ceStore CMS version 2.0 suffers from a remote SQL injection vulnerability.
de369a0ae5b5244b3ab433e9d7d07ec19ac008a8083d31f1bf7a032e4ffa3c9bClenix version 1.0 suffers from an insecure direct object reference vulnerability.
c8cfbe1e1565830e6a6d2555376f8475ad918a45655a551c1e92d3dbe0868c58Candy Redis version 2.1.2 appears to suffer from an administrative page disclosure issue.
a69f6d9ff9e980b9fb601fdda46e646f965883d799286eaeb71003e83fe8c43dAgop CMS version 1.0 suffers from an insecure direct object reference vulnerability.
1ed22de09e417dcaed8d9f03d8d62abd6b70fc4587552e70a4bdbce253d3011bRed Hat Security Advisory 2024-4673-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
6aaa85cf49f4c6acb05f34b57097bbd5a3f155e564d6265c5cc764ab31e67ca8Red Hat Security Advisory 2024-4672-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a memory leak vulnerability.
262933c57231b7330035e4eca71b393a1ac52396ac5bb487c5e5d4e0b200812aRed Hat Security Advisory 2024-4671-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
34bc02dd6d5408a06546e0dfa81436a698aab33ee9094c269c7f312753426b66Red Hat Security Advisory 2024-4670-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
cb4da693cd813fbfea840f1037a61900575e092b94a7240c5370624aad9e5639Red Hat Security Advisory 2024-4646-03 - An update for qt5-qtbase is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
8f4ae04d11702a098dd4c6342951f57fac353b206fbc08c46f1c56998aad8992Red Hat Security Advisory 2024-4645-03 - An update for qt5-qtbase is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
7a27b029169b1905bd814a1572765f4bd9cd5ffcf7c9ad85caf21cc0122aab9eRed Hat Security Advisory 2024-4642-03 - An update for libndp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
a7e9b094503f1c664febcbe3fe1f2e9e25fd034c9caaa4719a280737fd76d380Debian Linux Security Advisory 5733-1 - Multiple security issues were discovered in Thunderbird, which could potentially result in the execution of arbitrary code.
db8a7a3e6a1ff7d153fd74c94d94c02f5f563869049e63d3ceffadae2054c44cUbuntu Security Notice 6896-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
8dd27500ca03c621e3b332d4f4a48899a12b1e1709641167738660d0e4522fabUbuntu Security Notice 6898-3 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
9d8578e4d65e6a905377c4eafbc6560f359e3400f28ae0a9eb49ebc1093b3b26Ubuntu Security Notice 6895-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.
c2cdeb8147a5ff711973b3c8fee175db573062bd9897685481c20a336ce711ebUbuntu Security Notice 6902-1 - It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code.
9a63aa2943140950806a11aec9119a422cddc8e0dfdc7143ffb68c82b5967f3aRed Hat Security Advisory 2024-4662-03 - Red Hat OpenShift Virtualization release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements.
fe6aa1c099c77eaae9d615e25cbf55df856b44555e78df95aebdcda8a8e3fe88Red Hat Security Advisory 2024-4647-03 - An update for qt5-qtbase is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
d17bdd6fbe03b6f0bac279a380dcbc40dbc8bd3a82320d9c7d73db6e1d08d789Red Hat Security Advisory 2024-4644-03 - An update for qt5-qtbase is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
d111bf666ae69b11d1c57450d134766cf0680669a865d79172154e810067183cRed Hat Security Advisory 2024-4643-03 - An update for libndp is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a buffer overflow vulnerability.
f06bf3202c7be3bc980c361f8d9a22218f1a1a6c56f18a1de3fe983674de3a82Red Hat Security Advisory 2024-4641-03 - An update for libndp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
45e8d8849321dd14adcf48911828aa436336c5b96f1d6a0ef9cf36f4a1aa0f4aRed Hat Security Advisory 2024-4640-03 - An update for libndp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a buffer overflow vulnerability.
30ac2a3c3dd34ac56c348cfcc56612cd86f5cce4d89d2c8bcf0e6e9e3fd95629
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed